]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.netdev.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
networkd: allow to configure default/initial send/recv congestion window and store...
[thirdparty/systemd.git] / man / systemd.netdev.xml
CommitLineData
eac684ef
TG		 1<?xml version='1.0'?> <!--*-nxml-*-->
2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
12b42c76 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
eac684ef
TG		 4
5<!--
572eb058
ZJS		 6 SPDX-License-Identifier: LGPL-2.1+
7
eac684ef
TG		 8 This file is part of systemd.
9
10 Copyright 2013 Tom Gundersen
11
12 systemd is free software; you can redistribute it and/or modify it
13 under the terms of the GNU Lesser General Public License as published by
14 the Free Software Foundation; either version 2.1 of the License, or
15 (at your option) any later version.
16
17 systemd is distributed in the hope that it will be useful, but
18 WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 Lesser General Public License for more details.
21
22 You should have received a copy of the GNU Lesser General Public License
23 along with systemd; If not, see <http://www.gnu.org/licenses/>.
24-->
25
26<refentry id="systemd.netdev" conditional='ENABLE_NETWORKD'>
27
798d3a52
ZJS		 28 <refentryinfo>
29 <title>systemd.network</title>
30 <productname>systemd</productname>
31
32 <authorgroup>
33 <author>
34 <contrib>Developer</contrib>
35 <firstname>Tom</firstname>
36 <surname>Gundersen</surname>
37 <email>teg@jklm.no</email>
38 </author>
39 </authorgroup>
40 </refentryinfo>
41
42 <refmeta>
43 <refentrytitle>systemd.netdev</refentrytitle>
44 <manvolnum>5</manvolnum>
45 </refmeta>
46
47 <refnamediv>
48 <refname>systemd.netdev</refname>
49 <refpurpose>Virtual Network Device configuration</refpurpose>
50 </refnamediv>
51
52 <refsynopsisdiv>
53 <para><filename><replaceable>netdev</replaceable>.netdev</filename></para>
54 </refsynopsisdiv>
55
56 <refsect1>
57 <title>Description</title>
58
59 <para>Network setup is performed by
60 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
61 </para>
62
bac150e9
ZJS		 63 <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
64 other extensions are ignored. Virtual network devices are created as soon as networkd is
65 started. If a netdev with the specified name already exists, networkd will use that as-is rather
66 than create its own. Note that the settings of the pre-existing netdev will not be changed by
798d3a52
ZJS		 67 networkd.</para>
68
bac150e9
ZJS		 69 <para>The <filename>.netdev</filename> files are read from the files located in the system
70 network directory <filename>/usr/lib/systemd/network</filename>, the volatile runtime network
71 directory <filename>/run/systemd/network</filename> and the local administration network
72 directory <filename>/etc/systemd/network</filename>. All configuration files are collectively
73 sorted and processed in lexical order, regardless of the directories in which they live.
74 However, files with identical filenames replace each other. Files in <filename>/etc</filename>
75 have the highest priority, files in <filename>/run</filename> take precedence over files with
76 the same name in <filename>/usr/lib</filename>. This can be used to override a system-supplied
77 configuration file with a local file if needed. As a special case, an empty file (file size 0)
78 or symlink with the same name pointing to <filename>/dev/null</filename> disables the
79 configuration file entirely (it is "masked").</para>
80
81 <para>Along with the netdev file <filename>foo.netdev</filename>, a "drop-in" directory
82 <filename>foo.netdev.d/</filename> may exist. All files with the suffix <literal>.conf</literal>
83 from this directory will be parsed after the file itself is parsed. This is useful to alter or
84 add configuration settings, without having to modify the main configuration file. Each drop-in
85 file must have appropriate section headers.</para>
86
87 <para>In addition to <filename>/etc/systemd/network</filename>, drop-in <literal>.d</literal>
88 directories can be placed in <filename>/usr/lib/systemd/network</filename> or
89 <filename>/run/systemd/network</filename> directories. Drop-in files in
90 <filename>/etc</filename> take precedence over those in <filename>/run</filename> which in turn
91 take precedence over those in <filename>/usr/lib</filename>. Drop-in files under any of these
92 directories take precedence over the main netdev file wherever located. (Of course, since
93 <filename>/run</filename> is temporary and <filename>/usr/lib</filename> is for vendors, it is
94 unlikely drop-ins should be used in either of those places.)</para>
798d3a52
ZJS		 95 </refsect1>
96
97 <refsect1>
98 <title>Supported netdev kinds</title>
99
100 <para>The following kinds of virtual network devices may be
101 configured in <filename>.netdev</filename> files:</para>
102
103 <table>
104 <title>Supported kinds of virtual network devices</title>
105
106 <tgroup cols='2'>
107 <colspec colname='kind' />
108 <colspec colname='explanation' />
109 <thead><row>
110 <entry>Kind</entry>
111 <entry>Description</entry>
112 </row></thead>
113 <tbody>
114 <row><entry><varname>bond</varname></entry>
115 <entry>A bond device is an aggregation of all its slave devices. See <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">Linux Ethernet Bonding Driver HOWTO</ulink> for details.Local configuration</entry></row>
116
117 <row><entry><varname>bridge</varname></entry>
a8eaaee7 118 <entry>A bridge device is a software switch, and each of its slave devices and the bridge itself are ports of the switch.</entry></row>
798d3a52
ZJS		 119
120 <row><entry><varname>dummy</varname></entry>
121 <entry>A dummy device drops all packets sent to it.</entry></row>
122
123 <row><entry><varname>gre</varname></entry>
124 <entry>A Level 3 GRE tunnel over IPv4. See <ulink url="https://tools.ietf.org/html/rfc2784">RFC 2784</ulink> for details.</entry></row>
125
126 <row><entry><varname>gretap</varname></entry>
127 <entry>A Level 2 GRE tunnel over IPv4.</entry></row>
128
129 <row><entry><varname>ip6gre</varname></entry>
130 <entry>A Level 3 GRE tunnel over IPv6.</entry></row>
131
132 <row><entry><varname>ip6tnl</varname></entry>
133 <entry>An IPv4 or IPv6 tunnel over IPv6</entry></row>
134
135 <row><entry><varname>ip6gretap</varname></entry>
037a3ded 136 <entry>A Level 2 GRE tunnel over IPv6.</entry></row>
798d3a52
ZJS		 137
138 <row><entry><varname>ipip</varname></entry>
139 <entry>An IPv4 over IPv4 tunnel.</entry></row>
140
141 <row><entry><varname>ipvlan</varname></entry>
142 <entry>An ipvlan device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row>
143
144 <row><entry><varname>macvlan</varname></entry>
145 <entry>A macvlan device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row>
146
0371f2df
SS		 147 <row><entry><varname>macvtap</varname></entry>
148 <entry>A macvtap device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row>
149
798d3a52
ZJS		 150 <row><entry><varname>sit</varname></entry>
151 <entry>An IPv6 over IPv4 tunnel.</entry></row>
152
153 <row><entry><varname>tap</varname></entry>
154 <entry>A persistent Level 2 tunnel between a network device and a device node.</entry></row>
155
156 <row><entry><varname>tun</varname></entry>
157 <entry>A persistent Level 3 tunnel between a network device and a device node.</entry></row>
158
159 <row><entry><varname>veth</varname></entry>
a8eaaee7 160 <entry>An Ethernet tunnel between a pair of network devices.</entry></row>
798d3a52
ZJS		 161
162 <row><entry><varname>vlan</varname></entry>
163 <entry>A VLAN is a stacked device which receives packets from its underlying device based on VLAN tagging. See <ulink url="http://www.ieee802.org/1/pages/802.1Q.html">IEEE 802.1Q</ulink> for details.</entry></row>
164
165 <row><entry><varname>vti</varname></entry>
166 <entry>An IPv4 over IPSec tunnel.</entry></row>
167
5cc0748e
SS		 168 <row><entry><varname>vti6</varname></entry>
169 <entry>An IPv6 over IPSec tunnel.</entry></row>
170
798d3a52
ZJS		 171 <row><entry><varname>vxlan</varname></entry>
172 <entry>A virtual extensible LAN (vxlan), for connecting Cloud computing deployments.</entry></row>
20897a0d 173
6598e046
SS		 174 <row><entry><varname>geneve</varname></entry>
175 <entry>A GEneric NEtwork Virtualization Encapsulation (GENEVE) netdev driver.</entry></row>
176
20897a0d 177 <row><entry><varname>vrf</varname></entry>
92c918b0
SS		 178 <entry>A Virtual Routing and Forwarding (<ulink url="https://www.kernel.org/doc/Documentation/networking/vrf.txt">VRF</ulink>) interface to create separate routing and forwarding domains.</entry></row>
179
180 <row><entry><varname>vcan</varname></entry>
ba9fa3bc 181 <entry>The virtual CAN driver (vcan). Similar to the network loopback devices, vcan offers a virtual local CAN interface.</entry></row>
20897a0d 182
d6df583c
SS		 183 <row><entry><varname>vxcan</varname></entry>
184 <entry>The virtual CAN tunnel driver (vxcan). Similar to the virtual ethernet driver veth, vxcan implements a local CAN traffic tunnel between two virtual CAN network devices. When creating a vxcan, two vxcan devices are created as pair. When one end receives the packet it appears on its pair and vice versa. The vxcan can be used for cross namespace communication.
185 </entry></row>
186
798d3a52
ZJS		 187 </tbody>
188 </tgroup>
189 </table>
190
191 </refsect1>
192
193 <refsect1>
194 <title>[Match] Section Options</title>
195
196 <para>A virtual network device is only created if the
197 <literal>[Match]</literal> section matches the current
198 environment, or if the section is empty. The following keys are
199 accepted:</para>
200
201 <variablelist class='network-directives'>
202 <varlistentry>
203 <term><varname>Host=</varname></term>
204 <listitem>
205 <para>Matches against the hostname or machine ID of the
206 host. See <literal>ConditionHost=</literal> in
207 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
208 for details.
209 </para>
210 </listitem>
211 </varlistentry>
212 <varlistentry>
213 <term><varname>Virtualization=</varname></term>
214 <listitem>
215 <para>Checks whether the system is executed in a virtualized
216 environment and optionally test whether it is a specific
217 implementation. See
218 <literal>ConditionVirtualization=</literal> in
219 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
220 for details.
221 </para>
222 </listitem>
223 </varlistentry>
224 <varlistentry>
225 <term><varname>KernelCommandLine=</varname></term>
226 <listitem>
227 <para>Checks whether a specific kernel command line option
228 is set (or if prefixed with the exclamation mark unset). See
229 <literal>ConditionKernelCommandLine=</literal> in
230 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
231 for details.
232 </para>
233 </listitem>
234 </varlistentry>
5022f08a
LP		 235 <varlistentry>
236 <term><varname>KernelVersion=</varname></term>
237 <listitem>
238 <para>Checks whether the kernel version (as reported by <command>uname -r</command>) matches a certain
239 expression (or if prefixed with the exclamation mark does not match it). See
240 <literal>ConditionKernelVersion=</literal> in
241 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.
242 </para>
243 </listitem>
244 </varlistentry>
798d3a52
ZJS		 245 <varlistentry>
246 <term><varname>Architecture=</varname></term>
247 <listitem>
248 <para>Checks whether the system is running on a specific
249 architecture. See <literal>ConditionArchitecture=</literal> in
250 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
251 for details.
252 </para>
253 </listitem>
254 </varlistentry>
255 </variablelist>
256
257 </refsect1>
258
259 <refsect1>
260 <title>[NetDev] Section Options</title>
261
262 <para>The <literal>[NetDev]</literal> section accepts the
263 following keys:</para>
264
265 <variablelist class='network-directives'>
266 <varlistentry>
267 <term><varname>Description=</varname></term>
268 <listitem>
269 <para>A free-form description of the netdev.</para>
270 </listitem>
271 </varlistentry>
272 <varlistentry>
273 <term><varname>Name=</varname></term>
274 <listitem>
275 <para>The interface name used when creating the netdev.
276 This option is compulsory.</para>
277 </listitem>
278 </varlistentry>
279 <varlistentry>
280 <term><varname>Kind=</varname></term>
281 <listitem>
282 <para>The netdev kind. This option is compulsory. See the
283 <literal>Supported netdev kinds</literal> section for the
284 valid keys.</para>
285 </listitem>
286 </varlistentry>
287 <varlistentry>
288 <term><varname>MTUBytes=</varname></term>
289 <listitem>
290 <para>The maximum transmission unit in bytes to set for
291 the device. The usual suffixes K, M, G, are supported and
292 are understood to the base of 1024. This key is not
ff9b60f3 293 currently supported for <literal>tun</literal> or
798d3a52
ZJS		 294 <literal>tap</literal> devices.
295 </para>
296 </listitem>
297 </varlistentry>
298 <varlistentry>
299 <term><varname>MACAddress=</varname></term>
300 <listitem>
301 <para>The MAC address to use for the device. If none is
302 given, one is generated based on the interface name and
303 the
304 <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
ff9b60f3 305 This key is not currently supported for
798d3a52
ZJS		 306 <literal>tun</literal> or <literal>tap</literal> devices.
307 </para>
308 </listitem>
309 </varlistentry>
310 </variablelist>
311 </refsect1>
312
3428fe07
SS		 313 <refsect1>
314 <title>[Bridge] Section Options</title>
315
316 <para>The <literal>[Bridge]</literal> section only applies for
317 netdevs of kind <literal>bridge</literal>, and accepts the
a8eaaee7 318 following keys:</para>
3428fe07
SS		 319
320 <variablelist class='network-directives'>
321 <varlistentry>
322 <term><varname>HelloTimeSec=</varname></term>
323 <listitem>
a8eaaee7 324 <para>HelloTimeSec specifies the number of seconds between two hello packets
3428fe07
SS		 325 sent out by the root bridge and the designated bridges. Hello packets are
326 used to communicate information about the topology throughout the entire
327 bridged local area network.</para>
328 </listitem>
329 </varlistentry>
330 <varlistentry>
331 <term><varname>MaxAgeSec=</varname></term>
332 <listitem>
333 <para>MaxAgeSec specifies the number of seconds of maximum message age.
334 If the last seen (received) hello packet is more than this number of
335 seconds old, the bridge in question will start the takeover procedure
336 in attempt to become the Root Bridge itself.</para>
337 </listitem>
338 </varlistentry>
339 <varlistentry>
340 <term><varname>ForwardDelaySec=</varname></term>
341 <listitem>
342 <para>ForwardDelaySec specifies the number of seconds spent in each
343 of the Listening and Learning states before the Forwarding state is entered.</para>
344 </listitem>
345 </varlistentry>
c7440e74
TJ		 346 <varlistentry>
347 <term><varname>AgeingTimeSec=</varname></term>
348 <listitem>
349 <para>This specifies the number of seconds a MAC Address will be kept in
d23a0044 350 the forwarding database after having a packet received from this MAC Address.</para>
c7440e74
TJ		 351 </listitem>
352 </varlistentry>
353 <varlistentry>
354 <term><varname>Priority=</varname></term>
355 <listitem>
356 <para>The priority of the bridge. An integer between 0 and 65535. A lower value
357 means higher priority. The bridge having the lowest priority will be elected as root bridge.</para>
358 </listitem>
359 </varlistentry>
c4819961
JC		 360 <varlistentry>
361 <term><varname>GroupForwardMask=</varname></term>
362 <listitem>
363 <para>A 16-bit bitmask represented as an integer which allows forwarding of link
364 local frames with 802.1D reserved addresses (01:80:C2:00:00:0X). A logical AND
365 is performed between the specified bitmask and the exponentiation of 2^X, the
366 lower nibble of the last octet of the MAC address. For example, a value of 8
367 would allow forwarding of frames addressed to 01:80:C2:00:00:03 (802.1X PAE).</para>
368 </listitem>
369 </varlistentry>
c7440e74
TJ		 370 <varlistentry>
371 <term><varname>DefaultPVID=</varname></term>
372 <listitem>
0d6c68eb
TJ		 373 <para>This specifies the default port VLAN ID of a newly attached bridge port.
374 Set this to an integer in the range 1–4094 or <literal>none</literal> to disable the PVID.</para>
c7440e74
TJ		 375 </listitem>
376 </varlistentry>
3fef7a3f
SS		 377 <varlistentry>
378 <term><varname>MulticastQuerier=</varname></term>
379 <listitem>
380 <para>A boolean. This setting controls the IFLA_BR_MCAST_QUERIER option in the kernel.
381 If enabled, the kernel will send general ICMP queries from a zero source address.
382 This feature should allow faster convergence on startup, but it causes some
383 multicast-aware switches to misbehave and disrupt forwarding of multicast packets.
384 When unset, the kernel's default setting applies.
385 </para>
386 </listitem>
387 </varlistentry>
6df6d898
SS		 388 <varlistentry>
389 <term><varname>MulticastSnooping=</varname></term>
390 <listitem>
391 <para>A boolean. This setting controls the IFLA_BR_MCAST_SNOOPING option in the kernel.
392 If enabled, IGMP snooping monitors the Internet Group Management Protocol (IGMP) traffic
393 between hosts and multicast routers. When unset, the kernel's default setting applies.
394 </para>
395 </listitem>
396 </varlistentry>
c6f8d17d
TJ		 397 <varlistentry>
398 <term><varname>VLANFiltering=</varname></term>
399 <listitem>
400 <para>A boolean. This setting controls the IFLA_BR_VLAN_FILTERING option in the kernel.
401 If enabled, the bridge will be started in VLAN-filtering mode. When unset, the kernel's
402 default setting applies.
403 </para>
404 </listitem>
405 </varlistentry>
b760a9af
SS		 406 <varlistentry>
407 <term><varname>STP=</varname></term>
408 <listitem>
409 <para>A boolean. This enables the bridge's Spanning Tree Protocol (STP). When unset,
410 the kernel's default setting applies.
411 </para>
412 </listitem>
413 </varlistentry>
3428fe07 414 </variablelist>
3428fe07
SS		 415 </refsect1>
416
798d3a52
ZJS		 417 <refsect1>
418 <title>[VLAN] Section Options</title>
419
420 <para>The <literal>[VLAN]</literal> section only applies for
421 netdevs of kind <literal>vlan</literal>, and accepts the
422 following key:</para>
423
424 <variablelist class='network-directives'>
425 <varlistentry>
426 <term><varname>Id=</varname></term>
427 <listitem>
428 <para>The VLAN ID to use. An integer in the range 0–4094.
429 This option is compulsory.</para>
430 </listitem>
431 </varlistentry>
c8b21184
SS		 432 <varlistentry>
433 <term><varname>GVRP=</varname></term>
434 <listitem>
435 <para>The Generic VLAN Registration Protocol (GVRP) is a protocol that
436 allows automatic learning of VLANs on a network. A boolean. When unset,
437 the kernel's default setting applies.</para>
438 </listitem>
439 </varlistentry>
6c1ff21b
SS		 440 <varlistentry>
441 <term><varname>MVRP=</varname></term>
442 <listitem>
443 <para>Multiple VLAN Registration Protocol (MVRP) formerly known as GARP VLAN
444 Registration Protocol (GVRP) is a standards-based Layer 2 network protocol,
445 for automatic configuration of VLAN information on switches. It was defined
446 in the 802.1ak amendment to 802.1Q-2005. A boolean. When unset, the kernel's
447 default setting applies.</para>
448 </listitem>
449 </varlistentry>
450 <varlistentry>
451 <term><varname>LooseBinding=</varname></term>
452 <listitem>
453 <para>The VLAN loose binding mode, in which only the operational state is passed
454 from the parent to the associated VLANs, but the VLAN device state is not changed.
455 A boolean. When unset, the kernel's default setting applies.</para>
456 </listitem>
457 </varlistentry>
458 <varlistentry>
459 <term><varname>ReorderHeader=</varname></term>
460 <listitem>
461 <para>The VLAN reorder header is set VLAN interfaces behave like physical interfaces.
462 A boolean. When unset, the kernel's default setting applies.</para>
463 </listitem>
464 </varlistentry>
798d3a52 465 </variablelist>
798d3a52
ZJS		 466 </refsect1>
467
468 <refsect1>
469 <title>[MACVLAN] Section Options</title>
470
471 <para>The <literal>[MACVLAN]</literal> section only applies for
472 netdevs of kind <literal>macvlan</literal>, and accepts the
473 following key:</para>
474
475 <variablelist class='network-directives'>
476 <varlistentry>
477 <term><varname>Mode=</varname></term>
478 <listitem>
479 <para>The MACVLAN mode to use. The supported options are
480 <literal>private</literal>,
481 <literal>vepa</literal>,
482 <literal>bridge</literal>, and
483 <literal>passthru</literal>.
484 </para>
485 </listitem>
486 </varlistentry>
487 </variablelist>
488
489 </refsect1>
490
0371f2df
SS		 491 <refsect1>
492 <title>[MACVTAP] Section Options</title>
493
494 <para>The <literal>[MACVTAP]</literal> section applies for
495 netdevs of kind <literal>macvtap</literal> and accepts the
96d49011 496 same key as <literal>[MACVLAN]</literal>.</para>
0371f2df
SS		 497
498 </refsect1>
499
798d3a52
ZJS		 500 <refsect1>
501 <title>[IPVLAN] Section Options</title>
502
503 <para>The <literal>[IPVLAN]</literal> section only applies for
504 netdevs of kind <literal>ipvlan</literal>, and accepts the
505 following key:</para>
506
507 <variablelist class='network-directives'>
508 <varlistentry>
509 <term><varname>Mode=</varname></term>
510 <listitem>
511 <para>The IPVLAN mode to use. The supported options are
d384826f
SS		 512 <literal>L2</literal>,<literal>L3</literal> and <literal>L3S</literal>.
513 </para>
514 </listitem>
515 </varlistentry>
516 <varlistentry>
517 <term><varname>Flags=</varname></term>
518 <listitem>
519 <para>The IPVLAN flags to use. The supported options are
520 <literal>bridge</literal>,<literal>private</literal> and <literal>vepa</literal>.
798d3a52
ZJS		 521 </para>
522 </listitem>
523 </varlistentry>
524 </variablelist>
525
526 </refsect1>
527
528 <refsect1>
529 <title>[VXLAN] Section Options</title>
530 <para>The <literal>[VXLAN]</literal> section only applies for
531 netdevs of kind <literal>vxlan</literal>, and accepts the
532 following keys:</para>
533
534 <variablelist class='network-directives'>
535 <varlistentry>
536 <term><varname>Id=</varname></term>
537 <listitem>
538 <para>The VXLAN ID to use.</para>
539 </listitem>
540 </varlistentry>
541 <varlistentry>
d35e5d37 542 <term><varname>Remote=</varname></term>
798d3a52 543 <listitem>
d35e5d37 544 <para>Configures destination multicast group IP address.</para>
798d3a52
ZJS		 545 </listitem>
546 </varlistentry>
547 <varlistentry>
d35e5d37
SS		 548 <term><varname>Local=</varname></term>
549 <listitem>
550 <para>Configures local IP address.</para>
551 </listitem>
552 </varlistentry>
553 <varlistentry>
798d3a52
ZJS		 554 <term><varname>TOS=</varname></term>
555 <listitem>
556 <para>The Type Of Service byte value for a vxlan interface.</para>
557 </listitem>
558 </varlistentry>
559 <varlistentry>
560 <term><varname>TTL=</varname></term>
561 <listitem>
562 <para>A fixed Time To Live N on Virtual eXtensible Local
b938cb90 563 Area Network packets. N is a number in the range 1–255. 0
798d3a52
ZJS		 564 is a special value meaning that packets inherit the TTL
565 value.</para>
566 </listitem>
567 </varlistentry>
568 <varlistentry>
569 <term><varname>MacLearning=</varname></term>
570 <listitem>
571 <para>A boolean. When true, enables dynamic MAC learning
572 to discover remote MAC addresses.</para>
573 </listitem>
574 </varlistentry>
575 <varlistentry>
576 <term><varname>FDBAgeingSec=</varname></term>
577 <listitem>
578 <para>The lifetime of Forwarding Database entry learnt by
b938cb90 579 the kernel, in seconds.</para>
798d3a52
ZJS		 580 </listitem>
581 </varlistentry>
582 <varlistentry>
3d276dd2
SS		 583 <term><varname>MaximumFDBEntries=</varname></term>
584 <listitem>
585 <para>Configures maximum number of FDB entries.</para>
586 </listitem>
587 </varlistentry>
798d3a52 588 <varlistentry>
7dd6974c 589 <term><varname>ReduceARPProxy=</varname></term>
798d3a52 590 <listitem>
7dd6974c
SS		 591 <para>A boolean. When true, bridge-connected VXLAN tunnel
592 endpoint answers ARP requests from the local bridge on behalf
593 of remote Distributed Overlay Virtual Ethernet
594 <ulink url="https://en.wikipedia.org/wiki/Distributed_Overlay_Virtual_Ethernet">
595 (DVOE)</ulink> clients. Defaults to false.</para>
798d3a52
ZJS		 596 </listitem>
597 </varlistentry>
598 <varlistentry>
599 <term><varname>L2MissNotification=</varname></term>
600 <listitem>
601 <para>A boolean. When true, enables netlink LLADDR miss
602 notifications.</para>
603 </listitem>
604 </varlistentry>
605 <varlistentry>
606 <term><varname>L3MissNotification=</varname></term>
607 <listitem>
a8eaaee7 608 <para>A boolean. When true, enables netlink IP address miss
798d3a52
ZJS		 609 notifications.</para>
610 </listitem>
611 </varlistentry>
612 <varlistentry>
613 <term><varname>RouteShortCircuit=</varname></term>
614 <listitem>
a8eaaee7 615 <para>A boolean. When true, route short circuiting is turned
798d3a52
ZJS		 616 on.</para>
617 </listitem>
618 </varlistentry>
cffacc74 619 <varlistentry>
53c06862 620 <term><varname>UDPChecksum=</varname></term>
cffacc74 621 <listitem>
b938cb90 622 <para>A boolean. When true, transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para>
cffacc74
SS		 623 </listitem>
624 </varlistentry>
625 <varlistentry>
626 <term><varname>UDP6ZeroChecksumTx=</varname></term>
627 <listitem>
b938cb90 628 <para>A boolean. When true, sending zero checksums in VXLAN/IPv6 is turned on.</para>
cffacc74
SS		 629 </listitem>
630 </varlistentry>
631 <varlistentry>
53c06862 632 <term><varname>UDP6ZeroChecksumRx=</varname></term>
cffacc74 633 <listitem>
b938cb90 634 <para>A boolean. When true, receiving zero checksums in VXLAN/IPv6 is turned on.</para>
16441027
SS		 635 </listitem>
636 </varlistentry>
637 <varlistentry>
53c06862 638 <term><varname>RemoteChecksumTx=</varname></term>
16441027
SS		 639 <listitem>
640 <para>A boolean. When true, remote transmit checksum offload of VXLAN is turned on.</para>
641 </listitem>
642 </varlistentry>
643 <varlistentry>
53c06862 644 <term><varname>RemoteChecksumRx=</varname></term>
16441027
SS		 645 <listitem>
646 <para>A boolean. When true, remote receive checksum offload in VXLAN is turned on.</para>
cffacc74
SS		 647 </listitem>
648 </varlistentry>
8b414e52
SS		 649 <varlistentry>
650 <term><varname>GroupPolicyExtension=</varname></term>
651 <listitem>
b938cb90
JE		 652 <para>A boolean. When true, it enables Group Policy VXLAN extension security label mechanism
653 across network peers based on VXLAN. For details about the Group Policy VXLAN, see the
8b414e52
SS		 654 <ulink url="https://tools.ietf.org/html/draft-smith-vxlan-group-policy">
655 VXLAN Group Policy </ulink> document. Defaults to false.</para>
656 </listitem>
657 </varlistentry>
ea0288d1
SS		 658 <varlistentry>
659 <term><varname>DestinationPort=</varname></term>
660 <listitem>
661 <para>Configures the default destination UDP port on a per-device basis.
662 If destination port is not specified then Linux kernel default will be used.
98616735
SS		 663 Set destination port 4789 to get the IANA assigned value. If not set or if the
664 destination port is assigned the empty string the default port of 4789 is used.</para>
ea0288d1
SS		 665 </listitem>
666 </varlistentry>
667 <varlistentry>
668 <term><varname>PortRange=</varname></term>
669 <listitem>
670 <para>Configures VXLAN port range. VXLAN bases source
671 UDP port based on flow to help the receiver to be able
672 to load balance based on outer header flow. It
673 restricts the port range to the normal UDP local
674 ports, and allows overriding via configuration.</para>
675 </listitem>
676 </varlistentry>
d8653945
SS		 677 <varlistentry>
678 <term><varname>FlowLabel=</varname></term>
679 <listitem>
680 <para>Specifies the flow label to use in outgoing packets.
681 The valid range is 0-1048575.
682 </para>
683 </listitem>
684 </varlistentry>
798d3a52
ZJS		 685 </variablelist>
686 </refsect1>
6598e046
SS		 687 <refsect1>
688 <title>[GENEVE] Section Options</title>
689 <para>The <literal>[GENEVE]</literal> section only applies for
690 netdevs of kind <literal>geneve</literal>, and accepts the
691 following keys:</para>
692
693 <variablelist class='network-directives'>
694 <varlistentry>
695 <term><varname>Id=</varname></term>
696 <listitem>
785889e5 697 <para>Specifies the Virtual Network Identifier (VNI) to use. Ranges [0-16777215].</para>
6598e046
SS		 698 </listitem>
699 </varlistentry>
700 <varlistentry>
701 <term><varname>Remote=</varname></term>
702 <listitem>
703 <para>Specifies the unicast destination IP address to use in outgoing packets.</para>
704 </listitem>
705 </varlistentry>
706 <varlistentry>
707 <term><varname>TOS=</varname></term>
708 <listitem>
98616735 709 <para>Specifies the TOS value to use in outgoing packets. Ranges [1-255].</para>
6598e046
SS		 710 </listitem>
711 </varlistentry>
712 <varlistentry>
713 <term><varname>TTL=</varname></term>
714 <listitem>
98616735 715 <para>Specifies the TTL value to use in outgoing packets. Ranges [1-255].</para>
6598e046
SS		 716 </listitem>
717 </varlistentry>
718 <varlistentry>
719 <term><varname>UDPChecksum=</varname></term>
720 <listitem>
721 <para>A boolean. When true, specifies if UDP checksum is calculated for transmitted packets over IPv4.</para>
722 </listitem>
723 </varlistentry>
724 <varlistentry>
725 <term><varname>UDP6ZeroChecksumTx=</varname></term>
726 <listitem>
727 <para>A boolean. When true, skip UDP checksum calculation for transmitted packets over IPv6.</para>
728 </listitem>
729 </varlistentry>
730 <varlistentry>
731 <term><varname>UDP6ZeroChecksumRx=</varname></term>
732 <listitem>
733 <para>A boolean. When true, allows incoming UDP packets over IPv6 with zero checksum field.</para>
734 </listitem>
735 </varlistentry>
736 <varlistentry>
737 <term><varname>DestinationPort=</varname></term>
738 <listitem>
98616735
SS		 739 <para>Specifies destination port. Defaults to 6081. If not set or assigned the empty string, the default
740 port of 6081 is used.</para>
6598e046
SS		 741 </listitem>
742 </varlistentry>
743 <varlistentry>
744 <term><varname>FlowLabel=</varname></term>
745 <listitem>
746 <para>Specifies the flow label to use in outgoing packets.</para>
747 </listitem>
748 </varlistentry>
749 </variablelist>
750 </refsect1>
798d3a52
ZJS		 751 <refsect1>
752 <title>[Tunnel] Section Options</title>
753
754 <para>The <literal>[Tunnel]</literal> section only applies for
755 netdevs of kind
756 <literal>ipip</literal>,
757 <literal>sit</literal>,
758 <literal>gre</literal>,
759 <literal>gretap</literal>,
760 <literal>ip6gre</literal>,
761 <literal>ip6gretap</literal>,
5cc0748e
SS		 762 <literal>vti</literal>,
763 <literal>vti6</literal>, and
798d3a52
ZJS		 764 <literal>ip6tnl</literal> and accepts
765 the following keys:</para>
766
767 <variablelist class='network-directives'>
768 <varlistentry>
769 <term><varname>Local=</varname></term>
770 <listitem>
771 <para>A static local address for tunneled packets. It must
772 be an address on another interface of this host.</para>
773 </listitem>
774 </varlistentry>
775 <varlistentry>
776 <term><varname>Remote=</varname></term>
777 <listitem>
778 <para>The remote endpoint of the tunnel.</para>
779 </listitem>
780 </varlistentry>
781 <varlistentry>
782 <term><varname>TOS=</varname></term>
783 <listitem>
784 <para>The Type Of Service byte value for a tunnel interface.
b938cb90 785 For details about the TOS, see the
798d3a52
ZJS		 786 <ulink url="http://tools.ietf.org/html/rfc1349"> Type of
787 Service in the Internet Protocol Suite </ulink> document.
788 </para>
789 </listitem>
790 </varlistentry>
791 <varlistentry>
792 <term><varname>TTL=</varname></term>
793 <listitem>
794 <para>A fixed Time To Live N on tunneled packets. N is a
b938cb90 795 number in the range 1–255. 0 is a special value meaning that
798d3a52 796 packets inherit the TTL value. The default value for IPv4
b938cb90 797 tunnels is: inherit. The default value for IPv6 tunnels is
798d3a52
ZJS		 798 64.</para>
799 </listitem>
800 </varlistentry>
801 <varlistentry>
802 <term><varname>DiscoverPathMTU=</varname></term>
803 <listitem>
804 <para>A boolean. When true, enables Path MTU Discovery on
805 the tunnel.</para>
806 </listitem>
807 </varlistentry>
276de526
SS		 808 <varlistentry>
809 <term><varname>IPv6FlowLabel=</varname></term>
810 <listitem>
a8eaaee7 811 <para>Configures the 20-bit flow label (see <ulink url="https://tools.ietf.org/html/rfc6437">
276de526 812 RFC 6437</ulink>) field in the IPv6 header (see <ulink url="https://tools.ietf.org/html/rfc2460">
a8eaaee7
JE		 813 RFC 2460</ulink>), which is used by a node to label packets of a flow.
814 It is only used for IPv6 tunnels.
815 A flow label of zero is used to indicate packets that have
816 not been labeled.
817 It can be configured to a value in the range 0–0xFFFFF, or be
818 set to <literal>inherit</literal>, in which case the original flowlabel is used.</para>
276de526
SS		 819 </listitem>
820 </varlistentry>
9b0ca30a 821 <varlistentry>
a9b70f9d 822 <term><varname>CopyDSCP=</varname></term>
9b0ca30a 823 <listitem>
3cf4bcab
ZJS		 824 <para>A boolean. When true, the Differentiated Service Code
825 Point (DSCP) field will be copied to the inner header from
a9b70f9d 826 outer header during the decapsulation of an IPv6 tunnel
3cf4bcab
ZJS		 827 packet. DSCP is a field in an IP packet that enables different
828 levels of service to be assigned to network traffic.
829 Defaults to <literal>no</literal>.
9b0ca30a
SS		 830 </para>
831 </listitem>
832 </varlistentry>
dae398a8
SS		 833 <varlistentry>
834 <term><varname>EncapsulationLimit=</varname></term>
835 <listitem>
836 <para>The Tunnel Encapsulation Limit option specifies how many additional
837 levels of encapsulation are permitted to be prepended to the packet.
838 For example, a Tunnel Encapsulation Limit option containing a limit
839 value of zero means that a packet carrying that option may not enter
840 another tunnel before exiting the current tunnel.
841 (see <ulink url="https://tools.ietf.org/html/rfc2473#section-4.1.1"> RFC 2473</ulink>).
b938cb90 842 The valid range is 0–255 and <literal>none</literal>. Defaults to 4.
dae398a8
SS		 843 </para>
844 </listitem>
845 </varlistentry>
1d710029
SS		 846 <varlistentry>
847 <term><varname>Key=</varname></term>
848 <listitem>
849 <para>The <varname>Key=</varname> parameter specifies the same key to use in
850 both directions (<varname>InputKey=</varname> and <varname>OutputKey=</varname>).
851 The <varname>Key=</varname> is either a number or an IPv4 address-like dotted quad.
852 It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data
853 and control path) in ip xfrm (framework used to implement IPsec protocol).
854 See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html">
e306f2df 855 ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6
1d710029
SS		 856 tunnels.</para>
857 </listitem>
858 </varlistentry>
859 <varlistentry>
860 <term><varname>InputKey=</varname></term>
861 <listitem>
862 <para>The <varname>InputKey=</varname> parameter specifies the key to use for input.
863 The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para>
864 </listitem>
865 </varlistentry>
866 <varlistentry>
867 <term><varname>OutputKey=</varname></term>
868 <listitem>
869 <para>The <varname>OutputKey=</varname> parameter specifies the key to use for output.
870 The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para>
871 </listitem>
872 </varlistentry>
798d3a52
ZJS		 873 <varlistentry>
874 <term><varname>Mode=</varname></term>
875 <listitem>
a8eaaee7 876 <para>An <literal>ip6tnl</literal> tunnel can be in one of three
798d3a52
ZJS		 877 modes
878 <literal>ip6ip6</literal> for IPv6 over IPv6,
879 <literal>ipip6</literal> for IPv4 over IPv6 or
880 <literal>any</literal> for either.
881 </para>
882 </listitem>
883 </varlistentry>
4d7fa6de
SS		 884 <varlistentry>
885 <term><varname>Independent=</varname></term>
886 <listitem>
887 <para>A boolean. When true tunnel does not require .network file. Created as "tunnel@NONE".
888 Defaults to <literal>false</literal>.
889 </para>
890 </listitem>
891 </varlistentry>
798d3a52
ZJS		 892 </variablelist>
893 </refsect1>
894 <refsect1>
895 <title>[Peer] Section Options</title>
896
897 <para>The <literal>[Peer]</literal> section only applies for
898 netdevs of kind <literal>veth</literal> and accepts the
a8eaaee7 899 following keys:</para>
798d3a52
ZJS		 900
901 <variablelist class='network-directives'>
902 <varlistentry>
903 <term><varname>Name=</varname></term>
904 <listitem>
905 <para>The interface name used when creating the netdev.
906 This option is compulsory.</para>
907 </listitem>
908 </varlistentry>
909 <varlistentry>
910 <term><varname>MACAddress=</varname></term>
911 <listitem>
b938cb90 912 <para>The peer MACAddress, if not set, it is generated in
798d3a52
ZJS		 913 the same way as the MAC address of the main
914 interface.</para>
915 </listitem>
916 </varlistentry>
917 </variablelist>
918 </refsect1>
d6df583c
SS		 919 <refsect1>
920 <title>[VXCAN] Section Options</title>
921 <para>The <literal>[VXCAN]</literal> section only applies for
922 netdevs of kind <literal>vxcan</literal> and accepts the
923 following key:</para>
924
925 <variablelist class='network-directives'>
926 <varlistentry>
927 <term><varname>Peer=</varname></term>
928 <listitem>
929 <para>The peer interface name used when creating the netdev.
930 This option is compulsory.</para>
931 </listitem>
932 </varlistentry>
933 </variablelist>
934 </refsect1>
798d3a52
ZJS		 935 <refsect1>
936 <title>[Tun] Section Options</title>
937
938 <para>The <literal>[Tun]</literal> section only applies for
939 netdevs of kind <literal>tun</literal>, and accepts the following
940 keys:</para>
941
942 <variablelist class='network-directives'>
943 <varlistentry>
944 <term><varname>OneQueue=</varname></term>
945 <listitem><para>Takes a boolean argument. Configures whether
946 all packets are queued at the device (enabled), or a fixed
947 number of packets are queued at the device and the rest at the
948 <literal>qdisc</literal>. Defaults to
949 <literal>no</literal>.</para>
950 </listitem>
951 </varlistentry>
952 <varlistentry>
953 <term><varname>MultiQueue=</varname></term>
954 <listitem><para>Takes a boolean argument. Configures whether
955 to use multiple file descriptors (queues) to parallelize
956 packets sending and receiving. Defaults to
957 <literal>no</literal>.</para>
958 </listitem>
959 </varlistentry>
960 <varlistentry>
961 <term><varname>PacketInfo=</varname></term>
962 <listitem><para>Takes a boolean argument. Configures whether
ff9b60f3 963 packets should be prepended with four extra bytes (two flag
b938cb90 964 bytes and two protocol bytes). If disabled, it indicates that
798d3a52
ZJS		 965 the packets will be pure IP packets. Defaults to
966 <literal>no</literal>.</para>
967 </listitem>
968 </varlistentry>
43f78da4 969 <varlistentry>
2aba142e 970 <term><varname>VNetHeader=</varname></term>
43f78da4
SS		 971 <listitem><para>Takes a boolean argument. Configures
972 IFF_VNET_HDR flag for a tap device. It allows sending
973 and receiving larger Generic Segmentation Offload (GSO)
974 packets. This may increase throughput significantly.
975 Defaults to
976 <literal>no</literal>.</para>
977 </listitem>
978 </varlistentry>
798d3a52
ZJS		 979 <varlistentry>
980 <term><varname>User=</varname></term>
981 <listitem><para>User to grant access to the
982 <filename>/dev/net/tun</filename> device.</para>
983 </listitem>
984 </varlistentry>
985 <varlistentry>
986 <term><varname>Group=</varname></term>
987 <listitem><para>Group to grant access to the
988 <filename>/dev/net/tun</filename> device.</para>
989 </listitem>
990 </varlistentry>
991
992 </variablelist>
993
994 </refsect1>
995
996 <refsect1>
997 <title>[Tap] Section Options</title>
998
999 <para>The <literal>[Tap]</literal> section only applies for
1000 netdevs of kind <literal>tap</literal>, and accepts the same keys
1001 as the <literal>[Tun]</literal> section.</para>
1002 </refsect1>
1003
1004 <refsect1>
1005 <title>[Bond] Section Options</title>
1006
1007 <para>The <literal>[Bond]</literal> section accepts the following
1008 key:</para>
1009
1010 <variablelist class='network-directives'>
1011 <varlistentry>
1012 <term><varname>Mode=</varname></term>
1013 <listitem>
1014 <para>Specifies one of the bonding policies. The default is
1015 <literal>balance-rr</literal> (round robin). Possible values are
1016 <literal>balance-rr</literal>,
1017 <literal>active-backup</literal>,
1018 <literal>balance-xor</literal>,
1019 <literal>broadcast</literal>,
1020 <literal>802.3ad</literal>,
1021 <literal>balance-tlb</literal>, and
1022 <literal>balance-alb</literal>.
1023 </para>
1024 </listitem>
1025 </varlistentry>
1026
1027 <varlistentry>
1028 <term><varname>TransmitHashPolicy=</varname></term>
1029 <listitem>
1030 <para>Selects the transmit hash policy to use for slave
1031 selection in balance-xor, 802.3ad, and tlb modes. Possible
1032 values are
1033 <literal>layer2</literal>,
1034 <literal>layer3+4</literal>,
1035 <literal>layer2+3</literal>,
4d89618a 1036 <literal>encap2+3</literal>, and
798d3a52
ZJS		 1037 <literal>encap3+4</literal>.
1038 </para>
1039 </listitem>
1040 </varlistentry>
1041
1042 <varlistentry>
1043 <term><varname>LACPTransmitRate=</varname></term>
1044 <listitem>
1045 <para>Specifies the rate with which link partner transmits
1046 Link Aggregation Control Protocol Data Unit packets in
1047 802.3ad mode. Possible values are <literal>slow</literal>,
1048 which requests partner to transmit LACPDUs every 30 seconds,
1049 and <literal>fast</literal>, which requests partner to
1050 transmit LACPDUs every second. The default value is
1051 <literal>slow</literal>.</para>
1052 </listitem>
1053 </varlistentry>
1054
1055 <varlistentry>
1056 <term><varname>MIIMonitorSec=</varname></term>
1057 <listitem>
1058 <para>Specifies the frequency that Media Independent
1059 Interface link monitoring will occur. A value of zero
dd2b607b 1060 disables MII link monitoring. This value is rounded down to
798d3a52
ZJS		 1061 the nearest millisecond. The default value is 0.</para>
1062 </listitem>
1063 </varlistentry>
1064
1065 <varlistentry>
1066 <term><varname>UpDelaySec=</varname></term>
1067 <listitem>
1068 <para>Specifies the delay before a link is enabled after a
1069 link up status has been detected. This value is rounded down
1070 to a multiple of MIIMonitorSec. The default value is
1071 0.</para>
1072 </listitem>
1073 </varlistentry>
1074
1075 <varlistentry>
1076 <term><varname>DownDelaySec=</varname></term>
1077 <listitem>
1078 <para>Specifies the delay before a link is disabled after a
1079 link down status has been detected. This value is rounded
1080 down to a multiple of MIIMonitorSec. The default value is
1081 0.</para>
1082 </listitem>
1083 </varlistentry>
1084
81bd37a8 1085 <varlistentry>
38422da7 1086 <term><varname>LearnPacketIntervalSec=</varname></term>
81bd37a8
SS		 1087 <listitem>
1088 <para>Specifies the number of seconds between instances where the bonding
a8eaaee7
JE		 1089 driver sends learning packets to each slave peer switch.
1090 The valid range is 1–0x7fffffff; the default value is 1. This option
1091 has an effect only for the balance-tlb and balance-alb modes.</para>
81bd37a8
SS		 1092 </listitem>
1093 </varlistentry>
1094
1095 <varlistentry>
1096 <term><varname>AdSelect=</varname></term>
1097 <listitem>
1098 <para>Specifies the 802.3ad aggregation selection logic to use. Possible values are
1099 <literal>stable</literal>,
a8eaaee7
JE		 1100 <literal>bandwidth</literal> and
1101 <literal>count</literal>.
81bd37a8
SS		 1102 </para>
1103 </listitem>
1104 </varlistentry>
1105
1106 <varlistentry>
38422da7 1107 <term><varname>FailOverMACPolicy=</varname></term>
81bd37a8 1108 <listitem>
a8eaaee7
JE		 1109 <para>Specifies whether the active-backup mode should set all slaves to
1110 the same MAC address at the time of enslavement or, when enabled, to perform special handling of the
81bd37a8
SS		 1111 bond's MAC address in accordance with the selected policy. The default policy is none.
1112 Possible values are
1113 <literal>none</literal>,
a8eaaee7
JE		 1114 <literal>active</literal> and
1115 <literal>follow</literal>.
81bd37a8
SS		 1116 </para>
1117 </listitem>
1118 </varlistentry>
1119
1120 <varlistentry>
38422da7 1121 <term><varname>ARPValidate=</varname></term>
81bd37a8
SS		 1122 <listitem>
1123 <para>Specifies whether or not ARP probes and replies should be
38422da7 1124 validated in any mode that supports ARP monitoring, or whether
81bd37a8
SS		 1125 non-ARP traffic should be filtered (disregarded) for link
1126 monitoring purposes. Possible values are
1127 <literal>none</literal>,
1128 <literal>active</literal>,
a8eaaee7
JE		 1129 <literal>backup</literal> and
1130 <literal>all</literal>.
81bd37a8
SS		 1131 </para>
1132 </listitem>
1133 </varlistentry>
1134
1135 <varlistentry>
38422da7 1136 <term><varname>ARPIntervalSec=</varname></term>
81bd37a8
SS		 1137 <listitem>
1138 <para>Specifies the ARP link monitoring frequency in milliseconds.
1139 A value of 0 disables ARP monitoring. The default value is 0.
1140 </para>
1141 </listitem>
1142 </varlistentry>
1143
1144 <varlistentry>
38422da7 1145 <term><varname>ARPIPTargets=</varname></term>
81bd37a8
SS		 1146 <listitem>
1147 <para>Specifies the IP addresses to use as ARP monitoring peers when
38422da7 1148 ARPIntervalSec is greater than 0. These are the targets of the ARP request
81bd37a8 1149 sent to determine the health of the link to the targets.
a8eaaee7 1150 Specify these values in IPv4 dotted decimal format. At least one IP
81bd37a8
SS		 1151 address must be given for ARP monitoring to function. The
1152 maximum number of targets that can be specified is 16. The
1153 default value is no IP addresses.
1154 </para>
1155 </listitem>
1156 </varlistentry>
1157
1158 <varlistentry>
38422da7 1159 <term><varname>ARPAllTargets=</varname></term>
81bd37a8 1160 <listitem>
38422da7 1161 <para>Specifies the quantity of ARPIPTargets that must be reachable
81bd37a8
SS		 1162 in order for the ARP monitor to consider a slave as being up.
1163 This option affects only active-backup mode for slaves with
38422da7 1164 ARPValidate enabled. Possible values are
a8eaaee7
JE		 1165 <literal>any</literal> and
1166 <literal>all</literal>.
81bd37a8
SS		 1167 </para>
1168 </listitem>
1169 </varlistentry>
1170
1171 <varlistentry>
38422da7 1172 <term><varname>PrimaryReselectPolicy=</varname></term>
81bd37a8
SS		 1173 <listitem>
1174 <para>Specifies the reselection policy for the primary slave. This
1175 affects how the primary slave is chosen to become the active slave
1176 when failure of the active slave or recovery of the primary slave
1177 occurs. This option is designed to prevent flip-flopping between
1178 the primary slave and other slaves. Possible values are
1179 <literal>always</literal>,
a8eaaee7
JE		 1180 <literal>better</literal> and
1181 <literal>failure</literal>.
81bd37a8
SS		 1182 </para>
1183 </listitem>
1184 </varlistentry>
1185
1186 <varlistentry>
1187 <term><varname>ResendIGMP=</varname></term>
1188 <listitem>
1189 <para>Specifies the number of IGMP membership reports to be issued after
1190 a failover event. One membership report is issued immediately after
1191 the failover, subsequent packets are sent in each 200ms interval.
b938cb90 1192 The valid range is 0–255. Defaults to 1. A value of 0
81bd37a8
SS		 1193 prevents the IGMP membership report from being issued in response
1194 to the failover event.
1195 </para>
1196 </listitem>
1197 </varlistentry>
1198
1199 <varlistentry>
1200 <term><varname>PacketsPerSlave=</varname></term>
1201 <listitem>
b938cb90
JE		 1202 <para>Specify the number of packets to transmit through a slave before
1203 moving to the next one. When set to 0, then a slave is chosen at
1204 random. The valid range is 0–65535. Defaults to 1. This option
a8eaaee7 1205 only has effect when in balance-rr mode.
81bd37a8
SS		 1206 </para>
1207 </listitem>
1208 </varlistentry>
1209
1210 <varlistentry>
38422da7 1211 <term><varname>GratuitousARP=</varname></term>
81bd37a8
SS		 1212 <listitem>
1213 <para>Specify the number of peer notifications (gratuitous ARPs and
1214 unsolicited IPv6 Neighbor Advertisements) to be issued after a
b938cb90 1215 failover event. As soon as the link is up on the new slave,
81bd37a8
SS		 1216 a peer notification is sent on the bonding device and each
1217 VLAN sub-device. This is repeated at each link monitor interval
38422da7 1218 (ARPIntervalSec or MIIMonitorSec, whichever is active) if the number is
a8eaaee7 1219 greater than 1. The valid range is 0–255. The default value is 1.
38422da7 1220 These options affect only the active-backup mode.
81bd37a8
SS		 1221 </para>
1222 </listitem>
1223 </varlistentry>
1224
1225 <varlistentry>
1226 <term><varname>AllSlavesActive=</varname></term>
1227 <listitem>
a8eaaee7
JE		 1228 <para>A boolean. Specifies that duplicate frames (received on inactive ports)
1229 should be dropped when false, or delivered when true. Normally, bonding will drop
81bd37a8
SS		 1230 duplicate frames (received on inactive ports), which is desirable for
1231 most users. But there are some times it is nice to allow duplicate
1232 frames to be delivered. The default value is false (drop duplicate frames
1233 received on inactive ports).
1234 </para>
1235 </listitem>
1236 </varlistentry>
1237
1238 <varlistentry>
1239 <term><varname>MinLinks=</varname></term>
1240 <listitem>
1241 <para>Specifies the minimum number of links that must be active before
1242 asserting carrier. The default value is 0.
1243 </para>
1244 </listitem>
1245 </varlistentry>
798d3a52 1246 </variablelist>
81bd37a8
SS		 1247
1248 <para>For more detail information see
1249 <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">
1250 Linux Ethernet Bonding Driver HOWTO</ulink></para>
1251
798d3a52
ZJS		 1252 </refsect1>
1253
1254 <refsect1>
1255 <title>Example</title>
1256 <example>
6c1695be 1257 <title>/etc/systemd/network/25-bridge.netdev</title>
798d3a52
ZJS		 1258
1259 <programlisting>[NetDev]
eac684ef
TG		 1260Name=bridge0
1261Kind=bridge</programlisting>
798d3a52 1262 </example>
eac684ef 1263
798d3a52 1264 <example>
6c1695be 1265 <title>/etc/systemd/network/25-vlan1.netdev</title>
eac684ef 1266
798d3a52 1267 <programlisting>[Match]
eac684ef
TG		 1268Virtualization=no
1269
1270[NetDev]
1271Name=vlan1
1272Kind=vlan
1273
1274[VLAN]
1275Id=1</programlisting>
798d3a52
ZJS		 1276 </example>
1277 <example>
6c1695be 1278 <title>/etc/systemd/network/25-ipip.netdev</title>
798d3a52 1279 <programlisting>[NetDev]
b35a2909
TG		 1280Name=ipip-tun
1281Kind=ipip
1282MTUBytes=1480
1283
1284[Tunnel]
1285Local=192.168.223.238
1286Remote=192.169.224.239
1287TTL=64</programlisting>
798d3a52
ZJS		 1288 </example>
1289 <example>
6c1695be 1290 <title>/etc/systemd/network/25-tap.netdev</title>
798d3a52 1291 <programlisting>[NetDev]
30ae9dfd
SS		 1292Name=tap-test
1293Kind=tap
1294
1295[Tap]
1296MultiQueue=true
1297PacketInfo=true</programlisting> </example>
eac684ef 1298
798d3a52 1299 <example>
6c1695be 1300 <title>/etc/systemd/network/25-sit.netdev</title>
798d3a52 1301 <programlisting>[NetDev]
b35a2909
TG		 1302Name=sit-tun
1303Kind=sit
1304MTUBytes=1480
1305
1306[Tunnel]
1307Local=10.65.223.238
1308Remote=10.65.223.239</programlisting>
798d3a52 1309 </example>
eac684ef 1310
798d3a52 1311 <example>
6c1695be 1312 <title>/etc/systemd/network/25-gre.netdev</title>
798d3a52 1313 <programlisting>[NetDev]
b35a2909
TG		 1314Name=gre-tun
1315Kind=gre
1316MTUBytes=1480
1317
1318[Tunnel]
1319Local=10.65.223.238
1320Remote=10.65.223.239</programlisting>
798d3a52 1321 </example>
b35a2909 1322
798d3a52 1323 <example>
6c1695be 1324 <title>/etc/systemd/network/25-vti.netdev</title>
b35a2909 1325
798d3a52 1326 <programlisting>[NetDev]
b35a2909
TG		 1327Name=vti-tun
1328Kind=vti
1329MTUBytes=1480
1330
1331[Tunnel]
1332Local=10.65.223.238
1333Remote=10.65.223.239</programlisting>
798d3a52 1334 </example>
b35a2909 1335
798d3a52 1336 <example>
6c1695be 1337 <title>/etc/systemd/network/25-veth.netdev</title>
798d3a52 1338 <programlisting>[NetDev]
b35a2909
TG		 1339Name=veth-test
1340Kind=veth
1341
1342[Peer]
1343Name=veth-peer</programlisting>
798d3a52 1344 </example>
b35a2909 1345
d94facdc 1346 <example>
6c1695be 1347 <title>/etc/systemd/network/25-bond.netdev</title>
d94facdc
MH		 1348 <programlisting>[NetDev]
1349Name=bond1
1350Kind=bond
1351
1352[Bond]
1353Mode=802.3ad
1354TransmitHashPolicy=layer3+4
1355MIIMonitorSec=1s
1356LACPTransmitRate=fast
1357</programlisting>
1358 </example>
1359
798d3a52 1360 <example>
6c1695be 1361 <title>/etc/systemd/network/25-dummy.netdev</title>
798d3a52 1362 <programlisting>[NetDev]
9e358851
TG		 1363Name=dummy-test
1364Kind=dummy
1365MACAddress=12:34:56:78:9a:bc</programlisting>
798d3a52 1366 </example>
20897a0d
AR		 1367 <example>
1368 <title>/etc/systemd/network/25-vrf.netdev</title>
037a3ded 1369 <para>Create a VRF interface with table 42.</para>
20897a0d
AR		 1370 <programlisting>[NetDev]
1371Name=vrf-test
1372Kind=vrf
798d3a52 1373
20897a0d 1374[VRF]
362f6336 1375Table=42</programlisting>
20897a0d 1376 </example>
42125eda
SS		 1377
1378 <example>
1379 <title>/etc/systemd/network/25-macvtap.netdev</title>
1380 <para>Create a MacVTap device.</para>
1381 <programlisting>[NetDev]
1382Name=macvtap-test
1383Kind=macvtap
1384 </programlisting>
1385 </example>
798d3a52
ZJS		 1386 </refsect1>
1387 <refsect1>
1388 <title>See Also</title>
1389 <para>
1390 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1391 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1392 <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1393 <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1394 </para>
1395 </refsect1>
eac684ef
TG		 1396
1397</refentry>
Unnamed repository; edit this file 'description' to name the repository.