<para> For example, disabling ARP is useful when creating multiple MACVLAN or VLAN virtual
interfaces atop a single lower-level physical interface, which will then only serve as a
link/"bridge" device aggregating traffic to the same physical link and not participate in
- the network otherwise.</para>
+ the network otherwise. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Multicast=</varname></term>
<listitem>
- <para>Takes a boolean. If set to true, the multicast flag on the device is enabled.</para>
+ <para>Takes a boolean. If set to true, the multicast flag on the device is enabled. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AllMulticast=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, the driver retrieves all multicast packets from the network.
- This happens when multicast routing is enabled.</para>
+ This happens when multicast routing is enabled. Defaults to unset.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Promiscuous=</varname></term>
+ <listitem>
+ <para>Takes a boolean. If set to true, promiscuous mode of the interface is enabled.
+ Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<para>Link groups are similar to port ranges found in managed switches.
When network interfaces are added to a numbered group, operations on
all the interfaces from that group can be performed at once. An unsigned
- integer in the range 0â\80\944294967294. Defaults to unset.</para>
+ integer in the range 0â\80¦4294967294. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
if <literal>RequiredForOnline=no</literal>.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>ActivationPolicy=</varname></term>
+ <listitem>
+ <para>Specifies the policy for <command>systemd-networkd</command> managing the link
+ administrative state. Specifically, this controls how <command>systemd-networkd</command>
+ changes the network device's <literal>IFF_UP</literal> flag, which is sometimes
+ controlled by system administrators by running e.g., <command>ip set dev eth0 up</command>
+ or <command>ip set dev eth0 down</command>, and can also be changed with
+ <command>networkctl up eth0</command> or <command>networkctl down eth0</command>.</para>
+
+ <para>Takes one of <literal>up</literal>, <literal>always-up</literal>,
+ <literal>manual</literal>, <literal>always-down</literal>, <literal>down</literal>,
+ or <literal>bound</literal>. When <literal>manual</literal>, <command>systemd-networkd</command>
+ will not change the link's admin state automatically; the system administrator must bring the
+ interface up or down manually, as desired. When <literal>up</literal> (the default) or
+ <literal>always-up</literal>, or <literal>down</literal> or <literal>always-down</literal>,
+ <command>systemd-networkd</command> will set the link up or down, respectively,
+ when the interface is (re)configured. When <literal>always-up</literal> or
+ <literal>always-down</literal>, <command>systemd-networkd</command> will set the link up
+ or down, respectively, any time <command>systemd-networkd</command> detects a change in
+ the administrative state. When <varname>BindCarrier=</varname> is also set, this is
+ automatically set to <literal>bound</literal> and any other value is ignored.</para>
+
+ <para>The administrative state is not the same as the carrier state, so using
+ <literal>always-up</literal> does not mean the link will never lose carrier. The link
+ carrier depends on both the administrative state as well as the network device's physical
+ connection. However, to avoid reconfiguration failures, when using <literal>always-up</literal>,
+ <varname>IgnoreCarrierLoss=</varname> is forced to true.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<term><varname>VirtualFunction=</varname></term>
<listitem>
<para>Specifies a Virtual Function (VF), lightweight PCIe function designed solely to move data
- in and out. Takes an unsigned integer in the range 0..2147483646. This option is compulsory.</para>
+ in and out. Takes an unsigned integer in the range 0…2147483646. This option is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VLANId=</varname></term>
<listitem>
- <para>Specifies VLAN ID of the virtual function. Takes an unsigned integer in the range 1..4095.</para>
+ <para>Specifies VLAN ID of the virtual function. Takes an unsigned integer in the range 1…4095.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>QualityOfService=</varname></term>
<listitem>
- <para>Specifies quality of service of the virtual function. Takes an unsigned integer in the range 1..4294967294.</para>
+ <para>Specifies quality of service of the virtual function. Takes an unsigned integer in the range 1…4294967294.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>LinkLocalAddressing=</varname></term>
<listitem>
- <para>Enables link-local address autoconfiguration. Accepts <literal>yes</literal>,
- <literal>no</literal>, <literal>ipv4</literal>, <literal>ipv6</literal>,
- <literal>fallback</literal>, or <literal>ipv4-fallback</literal>. If
- <literal>fallback</literal> or <literal>ipv4-fallback</literal> is specified, then an IPv4
- link-local address is configured only when DHCPv4 fails. If <literal>fallback</literal>,
- an IPv6 link-local address is always configured, and if <literal>ipv4-fallback</literal>,
- the address is not configured. Note that, the fallback mechanism works only when DHCPv4
- client is enabled, that is, it requires <literal>DHCP=yes</literal> or
- <literal>DHCP=ipv4</literal>. If <varname>Bridge=</varname> is set, defaults to
- <literal>no</literal>, and if not, defaults to <literal>ipv6</literal>.
- </para>
+ <para>Enables link-local address autoconfiguration. Accepts <option>yes</option>,
+ <option>no</option>, <option>ipv4</option>, and <option>ipv6</option>. An IPv6 link-local address
+ is configured when <option>yes</option> or <option>ipv6</option>. An IPv4 link-local address is
+ configured when <option>yes</option> or <option>ipv4</option> and when DHCPv4 autoconfiguration
+ has been unsuccessful for some time. (IPv4 link-local address autoconfiguration will usually
+ happen in parallel with repeated attempts to acquire a DHCPv4 lease).</para>
+
+ <para>Defaults to <option>no</option> when <varname>Bridge=yes</varname> is set, and
+ <option>ipv6</option> otherwise.</para>
</listitem>
</varlistentry>
<varlistentry>
<listitem>
<para>A link name or a list of link names. When set, controls the behavior of the current
link. When all links in the list are in an operational down state, the current link is brought
- down. When at least one link has carrier, the current interface is brought up.
- </para>
+ down. When at least one link has carrier, the current interface is brought up.</para>
+
+ <para>This forces <varname>ActivationPolicy=</varname> to be set to <literal>bound</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>DNS=</varname></term>
<listitem>
- <para>A DNS server address, which must be in the format
- described in
+ <para>A DNS server address, which must be in the format described in
<citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
This option may be specified more than once. Each address can optionally take a port number
separated with <literal>:</literal>, a network interface name or index separated with
When IPv6 address is specified with a port number, then the address must be in the square
brackets. That is, the acceptable full formats are
<literal>111.222.333.444:9953%ifname#example.com</literal> for IPv4 and
- <literal>[1111:2222::3333]:9953%ifname#example.com</literal> for IPv6. This setting can be
- specified multiple times. If an empty string is assigned, then the all previous assignments
- are cleared. This setting is read by
+ <literal>[1111:2222::3333]:9953%ifname#example.com</literal> for IPv6. If an empty string is
+ assigned, then the all previous assignments are cleared. This setting is read by
<citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<listitem><para>Configures IP masquerading for the network
interface. If enabled, packets forwarded from the network
interface will be appear as coming from the local host.
- Takes a boolean argument. Implies
- <varname>IPForward=ipv4</varname>. Defaults to
- <literal>no</literal>.</para></listitem>
+ Takes one of <literal>ipv4</literal>, <literal>ipv6</literal>,
+ <literal>both</literal>, <literal>no</literal>.
+ The setting <literal>yes</literal> is the same as <literal>ipv4</literal> and not as
+ <literal>both</literal>!
+ Defaults to <literal>no</literal>.
+ If enabled, this automatically sets <varname>IPForward</varname> to one of
+ <literal>ipv4</literal>, <literal>ipv6</literal> or <literal>both</literal>.
+ </para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPv6PrivacyExtensions=</varname></term>
configured on another link. By default, an address within each delegated prefix will be
assigned, and the prefixes will be announced through IPv6 Router Advertisement when
<varname>IPv6SendRA=</varname> is enabled. Such default settings can be configured in
- [DHCPv6PrefixDelegation] section.</para></listitem>
+ [DHCPv6PrefixDelegation] section. Defaults to disabled.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPv6MTUBytes=</varname></term>
of the interface even if its carrier is lost. When unset, the value specified with
<option>ConfigureWithoutCarrier=</option> is used.
</para>
+
+ <para>When <varname>ActivationPolicy=</varname> is set to <literal>always-up</literal>, this
+ is forced to <literal>true</literal>.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>PreferredLifetime=</varname></term>
<listitem>
- <para>Allows the default "preferred lifetime" of the address to be overridden.
- Only three settings are accepted: <literal>forever</literal> or <literal>infinity</literal>
- which is the default and means that the address never expires, and <literal>0</literal> which means
- that the address is considered immediately "expired" and will not be used,
- unless explicitly requested. A setting of PreferredLifetime=0 is useful for
- addresses which are added to be used only by a specific application,
- which is then configured to use them explicitly.</para>
+ <para>Allows the default "preferred lifetime" of the address to be overridden. Only three
+ settings are accepted: <literal>forever</literal>, <literal>infinity</literal>, which is the
+ default and means that the address never expires, and <literal>0</literal>, which means that the
+ address is considered immediately "expired" and will not be used, unless explicitly requested. A
+ setting of <option>PreferredLifetime=0</option> is useful for addresses which are added to be
+ used only by a specific application, which is then configured to use them explicitly.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Scope=</varname></term>
<listitem>
- <para>The scope of the address, which can be <literal>global</literal>,
- <literal>link</literal> or <literal>host</literal> or an unsigned integer in the range 0—255.
+ <para>The scope of the address, which can be
+ <literal>global</literal> (valid everywhere on the network, even through a gateway),
+ <literal>link</literal> (only valid on this device, will not traverse a gateway) or
+ <literal>host</literal> (only valid within the device itself, e.g. 127.0.0.1)
+ or an unsigned integer in the range 0…255.
Defaults to <literal>global</literal>.</para>
</listitem>
</varlistentry>
<listitem>
<para>Takes a boolean. If true the kernel manage temporary addresses created
from this one as template on behalf of Privacy Extensions
- <ulink url="https://tools.ietf.org/html/rfc3041">RFC 3041</ulink>. For this to become
+ <ulink url="https://tools.ietf.org/html/rfc3041">RFC 3041</ulink>. For this to become
active, the use_tempaddr sysctl setting has to be set to a value greater than zero.
The given address needs to have a prefix length of 64. This flag allows using privacy
extensions in a manually configured network, just like if stateless auto-configuration
- was active. Defaults to false. </para>
+ was active. Defaults to false.</para>
</listitem>
</varlistentry>
<varlistentry>
<para>An [IPv6AddressLabel] section accepts the following keys. Specify several [IPv6AddressLabel]
sections to configure several address labels. IPv6 address labels are used for address selection. See
<ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>. Precedence is managed by userspace,
- and only the label itself is stored in the kernel</para>
+ and only the label itself is stored in the kernel.</para>
<variablelist class='network-directives'>
<varlistentry>
<varlistentry>
<term><varname>FirewallMark=</varname></term>
<listitem>
- <para>Specifies the iptables firewall mark value to match (a number between 1 and 4294967295).</para>
+ <para>Specifies the iptables firewall mark value to match (a number between 1 and
+ 4294967295). Optionally, the firewall mask (also a number between 1 and 4294967295) can be
+ suffixed with a slash (<literal>/</literal>), e.g., <literal>7/255</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Table=</varname></term>
<listitem>
- <para>Specifies the routing table identifier to lookup if the rule selector matches. Takes
- one of <literal>default</literal>, <literal>main</literal>, and <literal>local</literal>,
+ <para>Specifies the routing table identifier to lookup if the rule selector matches. Takes one of predefined names
+ <literal>default</literal>, <literal>main</literal>, and <literal>local</literal>, and names defined in <varname>RouteTable=</varname>
+ in <citerefentry><refentrytitle>networkd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
or a number between 1 and 4294967295. Defaults to <literal>main</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>SuppressPrefixLength=</varname></term>
<listitem>
- <para>Takes a number <replaceable>N</replaceable> in the range 0-128 and rejects routing
+ <para>Takes a number <replaceable>N</replaceable> in the range 0…128 and rejects routing
decisions that have a prefix length of <replaceable>N</replaceable> or less. Defaults to
unset.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Type=</varname></term>
+ <listitem>
+ <para>Specifies Routing Policy Database (RPDB) rule type. Takes one of <literal>blackhole</literal>,
+ <literal>unreachable</literal> or <literal>prohibit</literal>.
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
set, then the gateway address provided by DHCPv4 or IPv6 RA is used.</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term><varname>GatewayOnLink=</varname></term>
- <listitem>
- <para>Takes a boolean. If set to true, the kernel does not have
- to check if the gateway is reachable directly by the current machine (i.e., the kernel does
- not need to check if the gateway is attached to the local network), so that we can insert the
- route in the kernel table without it being complained about. Defaults to <literal>no</literal>.
- </para>
- </listitem>
- </varlistentry>
+ <varlistentry>
+ <term><varname>GatewayOnLink=</varname></term>
+ <listitem>
+ <para>Takes a boolean. If set to true, the kernel does not have to check if the gateway is
+ reachable directly by the current machine (i.e., the kernel does not need to check if the
+ gateway is attached to the local network), so that we can insert the route in the kernel
+ table without it being complained about. Defaults to <literal>no</literal>.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Destination=</varname></term>
<listitem>
<varlistentry>
<term><varname>Scope=</varname></term>
<listitem>
- <para>The scope of the route, which can be <literal>global</literal>, <literal>site</literal>,
- <literal>link</literal>, <literal>host</literal>, or <literal>nowhere</literal>. For IPv4 route,
- defaults to <literal>host</literal> if <varname>Type=</varname> is <literal>local</literal>
- or <literal>nat</literal>, and <literal>link</literal> if <varname>Type=</varname> is
+ <para>The scope of the IPv4 route, which can be <literal>global</literal>, <literal>site</literal>,
+ <literal>link</literal>, <literal>host</literal>, or
+ <literal>nowhere</literal>:</para>
+ <itemizedlist>
+ <listitem><para><literal>global</literal> means the route can reach
+ hosts more than one hop away.</para></listitem>
+
+ <listitem><para><literal>site</literal> means an interior route in
+ the local autonomous system.</para></listitem>
+
+ <listitem><para><literal>link</literal> means the route can only
+ reach hosts on the local network (one hop away).</para></listitem>
+
+ <listitem><para><literal>host</literal> means the route will not
+ leave the local machine (used for internal addresses like
+ 127.0.0.1).</para></listitem>
+
+ <listitem><para><literal>nowhere</literal> means the destination
+ doesn't exist.</para></listitem>
+ </itemizedlist>
+ <para>For IPv4 route, defaults to <literal>host</literal> if <varname>Type=</varname> is
+ <literal>local</literal> or <literal>nat</literal>,
+ and <literal>link</literal> if <varname>Type=</varname> is
<literal>broadcast</literal>, <literal>multicast</literal>, or <literal>anycast</literal>.
- In other cases, defaults to <literal>global</literal>.</para>
+ In other cases, defaults to <literal>global</literal>. The value is
+ not used for IPv6.</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>Table=</varname></term>
<listitem>
- <para>The table identifier for the route. Takes <literal>default</literal>,
- <literal>main</literal>, <literal>local</literal> or a number between 1 and 4294967295.
- The table can be retrieved using <command>ip route show table <replaceable>num</replaceable></command>.
- If unset and <varname>Type=</varname> is <literal>local</literal>, <literal>broadcast</literal>,
- <literal>anycast</literal>, or <literal>nat</literal>, then <literal>local</literal> is used.
+ <para>The table identifier for the route. Takes one of predefined names <literal>default</literal>, <literal>main</literal>,
+ and <literal>local</literal>, and names defined in <varname>RouteTable=</varname> in <citerefentry><refentrytitle>networkd.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry>, or a number between 1 and 4294967295. The table can be retrieved using
+ <command>ip route show table <replaceable>num</replaceable></command>. If unset and <varname>Type=</varname> is <literal>local</literal>,
+ <literal>broadcast</literal>, <literal>anycast</literal>, or <literal>nat</literal>, then <literal>local</literal> is used.
In other cases, defaults to <literal>main</literal>.
</para>
</listitem>
service type to CS6 (network control) or CS4 (Realtime). Defaults to CS6.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>TCPAdvertisedMaximumSegmentSize=</varname></term>
+ <listitem>
+ <para>Specifies the Path MSS (in bytes) hints given on TCP layer. The usual suffixes K, M, G, are
+ supported and are understood to the base of 1024. An unsigned integer in the range 1–4294967294.
+ When unset, the kernel's default will be used.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>MultiPathRoute=<replaceable>address</replaceable>[@<replaceable>name</replaceable>] [<replaceable>weight</replaceable>]</varname></term>
<listitem>
<term><varname>MaxAttempts=</varname></term>
<listitem>
<para>Specifies how many times the DHCPv4 client configuration should be attempted. Takes a
- number or <literal>infinity</literal>. Defaults to <literal>infinity</literal>.
- Note that the time between retries is increased exponentially, so the network will not be
- overloaded even if this number is high.</para>
+ number or <literal>infinity</literal>. Defaults to <literal>infinity</literal>. Note that the
+ time between retries is increased exponentially, up to approximately one per minute, so the
+ network will not be overloaded even if this number is high. The default is suitable in most
+ circumstances.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RequestOptions=</varname></term>
<listitem>
- <para>When configured, allows to set arbitrary request options in the DHCPv4 request options list and will be
- sent to the DHCPV4 server. A whitespace-separated list of integers in the range 1..254. Defaults to unset.</para>
+ <para>Sets request options to be sent to the server in the DHCPv4 request options list. A
+ whitespace-separated list of integers in the range 1…254. Defaults to unset.</para>
</listitem>
</varlistentry>
<para>Send an arbitrary raw option in the DHCPv4 request. Takes a DHCP option number, data type
and data separated with a colon
(<literal><replaceable>option</replaceable>:<replaceable>type</replaceable>:<replaceable>value</replaceable></literal>).
- The option number must be an integer in the range 1..254. The type takes one of <literal>uint8</literal>,
- <literal>uint16</literal>, <literal>uint32</literal>, <literal>ipv4address</literal>, or
- <literal>string</literal>. Special characters in the data string may be escaped using
- <ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
+ The option number must be an integer in the range 1…254. The type takes one of
+ <literal>uint8</literal>, <literal>uint16</literal>, <literal>uint32</literal>,
+ <literal>ipv4address</literal>, or <literal>string</literal>. Special characters in the data
+ string may be escaped using <ulink
+ url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
escapes</ulink>. This setting can be specified multiple times. If an empty string is specified,
then all options specified earlier are cleared. Defaults to unset.</para>
</listitem>
<varlistentry>
<term><varname>SendVendorOption=</varname></term>
<listitem>
- <para>Send an arbitrary vendor option in the DHCPv4 request. Takes a DHCP option number, data type
- and data separated with a colon
+ <para>Send an arbitrary vendor option in the DHCPv4 request. Takes a DHCP option number, data
+ type and data separated with a colon
(<literal><replaceable>option</replaceable>:<replaceable>type</replaceable>:<replaceable>value</replaceable></literal>).
- The option number must be an integer in the range 1..254. The type takes one of <literal>uint8</literal>,
- <literal>uint16</literal>, <literal>uint32</literal>, <literal>ipv4address</literal>, or
- <literal>string</literal>. Special characters in the data string may be escaped using
- <ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
+ The option number must be an integer in the range 1…254. The type takes one of
+ <literal>uint8</literal>, <literal>uint16</literal>, <literal>uint32</literal>,
+ <literal>ipv4address</literal>, or <literal>string</literal>. Special characters in the data
+ string may be escaped using <ulink
+ url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
escapes</ulink>. This setting can be specified multiple times. If an empty string is specified,
then all options specified earlier are cleared. Defaults to unset.</para>
</listitem>
<varname>DHCP=</varname> setting described above, or invoked by the IPv6 Router Advertisement:</para>
<variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>UseAddress=</varname></term>
+ <listitem>
+ <para>When true (the default), the IP addresses provided by the DHCPv6 server will be
+ assigned.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>UseDNS=</varname></term>
<term><varname>UseNTP=</varname></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>UseFQDN=</varname></term>
+ <listitem>
+ <para>Equivalent of <varname>UseHostname=</varname> in the [DHCPv4] section.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>RouteMetric=</varname></term>
<listitem>
<term><varname>MUDURL=</varname></term>
<listitem>
<para>When configured, the specified Manufacturer Usage Description (MUD) URL will be sent to
- the DHCPV6 server. The syntax and semantics are the same as for <varname>MUDURL=</varname> in the
+ the DHCPv6 server. The syntax and semantics are the same as for <varname>MUDURL=</varname> in the
[DHCPv4] section described above.</para>
</listitem>
</varlistentry>
<term><varname>RequestOptions=</varname></term>
<listitem>
<para>When configured, allows to set arbitrary request options in the DHCPv6 request options list
- that will be sent to the DHCPV6 server. A whitespace-separated list of integers in the range
- 1..254. Defaults to unset.</para>
+ that will be sent to the DHCPv6 server. A whitespace-separated list of integers in the range
+ 1…254. Defaults to unset.</para>
</listitem>
</varlistentry>
<term><varname>SendOption=</varname></term>
<listitem>
<para>As in the [DHCPv4] section, however because DHCPv6 uses 16-bit fields to store
- option numbers, the option number is an integer in the range 1..65536.</para>
+ option numbers, the option number is an integer in the range 1…65536.</para>
</listitem>
</varlistentry>
<ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
escapes</ulink>. This setting can be specified multiple times. If an empty string is specified,
then all options specified earlier are cleared. Takes a whitespace-separated list of strings. Note that
- currently NUL bytes are not allowed.</para>
+ currently <constant>NUL</constant> bytes are not allowed.</para>
</listitem>
</varlistentry>
addresses. Defaults to unset.</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>ManageTemporaryAddress=</varname></term>
+ <listitem>
+ <para>As in the [Address] section, but defaults to true.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
</varlistentry>
<varlistentry>
- <term><varname>DenyList=</varname></term>
+ <term><varname>RouterDenyList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv6 router addresses. Any information advertised by
+ the listed router is ignored.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouterAllowList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv6 router addresses. Only information advertised by
+ the listed router is accepted. Note that if <varname>RouterAllowList=</varname> is
+ configured then <varname>RouterDenyList=</varname> is ignored.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>PrefixDenyList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv6 prefixes. IPv6 prefixes supplied via router
+ advertisements in the list are ignored.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>PrefixAllowList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv6 prefixes. IPv6 prefixes supplied via router
+ advertisements in the list are allowed. Note that if <varname>PrefixAllowList=</varname> is
+ configured then <varname>PrefixDenyList=</varname> is ignored.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouteDenyList=</varname></term>
<listitem>
- <para>A whitespace-separated list of IPv6 prefixes. IPv6 prefixes supplied via router advertisements in the list are ignored.</para>
+ <para>A whitespace-separated list of IPv6 route prefixes. IPv6 route prefixes supplied via
+ router advertisements in the list are ignored.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouteAllowList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv6 route prefixes. IPv6 route prefixes supplied via
+ router advertisements in the list are allowed. Note that if <varname>RouteAllowList=</varname> is
+ configured then <varname>RouteDenyList=</varname> is ignored.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>DHCPv6Client=</varname></term>
<listitem>
- <para>Takes a boolean, or the special value <literal>always</literal>. When true (the default), the DHCPv6 client will be started when the
- RA has the managed or other information flag. If set to <literal>always</literal>, the DHCPv6 client will be started even if there is no
- managed or other information flag in the RA.</para>
+ <para>Takes a boolean, or the special value <literal>always</literal>. When true or
+ <literal>always</literal>, the DHCPv6 client will be started when the RA has the managed or
+ other information flag. If set to <literal>always</literal>, the DHCPv6 client will also be
+ started in managed mode when neither managed nor other information flag is set in the RA.
+ Defaults to true.</para>
</listitem>
</varlistentry>
</variablelist>
servers set. The "uplink" interface is determined by the default route of the system with the highest
priority. Note that this information is acquired at the time the lease is handed out, and does not
take uplink interfaces into account that acquire DNS server information at a later point. If no
- suitable uplinkg interface is found the DNS server data from <filename>/etc/resolv.conf</filename> is
+ suitable uplink interface is found the DNS server data from <filename>/etc/resolv.conf</filename> is
used. Also, note that the leases are not refreshed if the uplink network configuration changes. To
ensure clients regularly acquire the most current uplink DNS server information, it is thus advisable
to shorten the DHCP lease time via <varname>MaxLeaseTimeSec=</varname> described
<listitem>
<para>Send a raw option with value via DHCPv4 server. Takes a DHCP option number, data type
and data (<literal><replaceable>option</replaceable>:<replaceable>type</replaceable>:<replaceable>value</replaceable></literal>).
- The option number is an integer in the range 1..254. The type takes one of <literal>uint8</literal>,
+ The option number is an integer in the range 1…254. The type takes one of <literal>uint8</literal>,
<literal>uint16</literal>, <literal>uint32</literal>, <literal>ipv4address</literal>, <literal>ipv6address</literal>, or
<literal>string</literal>. Special characters in the data string may be escaped using
<ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
<listitem>
<para>Send a vendor option with value via DHCPv4 server. Takes a DHCP option number, data type
and data (<literal><replaceable>option</replaceable>:<replaceable>type</replaceable>:<replaceable>value</replaceable></literal>).
- The option number is an integer in the range 1..254. The type takes one of <literal>uint8</literal>,
+ The option number is an integer in the range 1…254. The type takes one of <literal>uint8</literal>,
<literal>uint16</literal>, <literal>uint32</literal>, <literal>ipv4address</literal>, or
<literal>string</literal>. Special characters in the data string may be escaped using
<ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
<term><varname>VNI=</varname></term>
<listitem>
<para>The VXLAN Network Identifier (or VXLAN Segment ID) to use to connect to
- the remote VXLAN tunnel endpoint. Takes a number in the range 1-16777215.
+ the remote VXLAN tunnel endpoint. Takes a number in the range 1…16777215.
Defaults to unset.</para>
</listitem>
</varlistentry>
<term><varname>BitRate=</varname></term>
<listitem>
<para>The bitrate of CAN device in bits per second. The usual SI prefixes (K, M) with the base of 1000 can
- be used here. Takes a number in the range 1..4294967295.</para>
+ be used here. Takes a number in the range 1…4294967295.</para>
</listitem>
</varlistentry>
<varlistentry>
the value of a received bit by majority rule. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>BusErrorReporting=</varname></term>
+ <listitem>
+ <para>Takes a boolean. When <literal>yes</literal>, reporting of CAN bus errors is activated
+ (those include single bit, frame format, and bit stuffing errors, unable to send dominant bit,
+ unable to send recessive bit, bus overload, active error announcement, error occurred on
+ transmission). When unset, the kernel's default will be used. Note: in case of a CAN bus with a
+ single CAN device, sending a CAN frame may result in a huge number of CAN bus errors.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>ListenOnly=</varname></term>
<listitem>
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
- <para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
- dropped. An unsigned integer in the range 1–4294967294. Defaults to unset and kernel's default is used.</para>
+ <para>Specifies the hard limit on the queue size in number of packets. When this limit is reached,
+ incoming packets are dropped. An unsigned integer in the range 1…4294967294. Defaults to unset and
+ kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
- <para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
- dropped. An unsigned integer ranges 1 to 4294967294. Defaults to unset and kernel's default is used.</para>
+ <para>Specifies the hard limit on the queue size in number of packets. When this limit is reached,
+ incoming packets are dropped. An unsigned integer ranges 1 to 4294967294. Defaults to unset and
+ kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
- <para>Specifies the hard limit on the FIFO size in number of packets. The size limit (a buffer
- size) to prevent it from overflowing in case it is unable to dequeue packets as quickly as it
- receives them. When this limit is reached, incoming packets are dropped. An unsigned integer in the
- range 0–4294967294. Defaults to unset and kernel's default is used.</para>
+ <para>Specifies the hard limit on the number of packets in the FIFO queue. The size limit prevents
+ overflow in case the kernel is unable to dequeue packets as quickly as it receives them. When this
+ limit is reached, incoming packets are dropped. An unsigned integer in the range
+ 0–4294967294. Defaults to unset and kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
separated list of numbers. The first number indicates which band the packets with priority 0 should
be put to, the second is for priority 1, and so on. There can be up to 16 numbers in the list. If
there are fewer, the default band that traffic with one of the unmentioned priorities goes to is
- the last one. Each band number must be in the range 0..255. This setting can be specified multiple
+ the last one. Each band number must be in the range 0…255. This setting can be specified multiple
times. If an empty string is assigned, then the all previous assignments are cleared.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VirtualQueues=</varname></term>
<listitem>
- <para>Specifies the number of virtual queues. Takes a integer in the range 1-16. Defaults to unset and kernel's default is used.</para>
+ <para>Specifies the number of virtual queues. Takes a integer in the range 1…16. Defaults to unset
+ and kernel's default is used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Weight=</varname></term>
<listitem>
- <para>Specifies the weight of the class. Takes an integer in the range 1..1023. Defaults to
+ <para>Specifies the weight of the class. Takes an integer in the range 1…1023. Defaults to
unset in which case the kernel default is used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MaxPacketBytes=</varname></term>
<listitem>
- <para>Specifies the maximum packet size in bytes for the class. When suffixed with K, M, or G, the specified
- size is parsed as Kilobytes, Megabytes, or Gigabytes, respectively, to the base of 1024. When unset,
- the kernel default is used.</para>
+ <para>Specifies the maximum packet size in bytes for the class. When suffixed with K, M, or G, the
+ specified size is parsed as Kilobytes, Megabytes, or Gigabytes, respectively, to the base of
+ 1024. When unset, the kernel default is used.</para>
</listitem>
</varlistentry>
</variablelist>
projects / thirdparty / systemd.git / blobdiff