]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - man/systemd.network.xml
networkd: support setting dhcp server port
[thirdparty/systemd.git] / man / systemd.network.xml
index ea558c4b4ef58bb8a436e6bee8269090a81cdb3e..adff23d1fedfa19ec6bb3adb6bcabf9dbb2c32f4 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
-  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
 <!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
 
 <refentry id="systemd.network" conditional='ENABLE_NETWORKD'
       <varlistentry>
         <term><varname>RequiredForOnline=</varname></term>
         <listitem>
-          <para>Takes a boolean or a minimum operational state and an optional maximum operational
-          state. Please see
+          <para>Takes a boolean, a minimum operational state (e.g., <literal>carrier</literal>), or a range
+          of operational state separated with a colon (e.g., <literal>degraded:routable</literal>).
+          Please see
           <citerefentry><refentrytitle>networkctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
           for possible operational states. When <literal>yes</literal>, the network is deemed required
           when determining whether the system is online (including when running
           <command>systemd-networkd-wait-online</command>). When <literal>no</literal>, the network is
           ignored when determining the online state. When a minimum operational state and an optional
-          maximum operational state are set, <literal>yes</literal> is implied, and this controls the
-          minimum and maximum operational state required for the network interface to be considered
-          online.</para>
+          maximum operational state are set, <command>systemd-networkd-wait-online</command> deems that the
+          interface is online when the operational state is in the specified range.</para>
 
           <para>Defaults to <literal>yes</literal> when <varname>ActivationPolicy=</varname> is not
           set, or set to <literal>up</literal>, <literal>always-up</literal>, or
           skipped automatically by <command>systemd-networkd-wait-online</command> if
           <literal>RequiredForOnline=no</literal>.</para>
 
+          <para>The boolean value <literal>yes</literal> is translated as follows;
+          <variablelist>
+            <varlistentry>
+              <term><option>CAN devices</option></term>
+              <listitem>
+                <para><literal>carrier</literal>,</para>
+                <xi:include href="version-info.xml" xpointer="v256"/>
+              </listitem>
+            </varlistentry>
+            <varlistentry>
+              <term><option>Master devices, e.g. bond or bridge</option></term>
+              <listitem>
+                <para><literal>degraded-carrier</literal> with <varname>RequiredFamilyForOnline=any</varname>,</para>
+                <xi:include href="version-info.xml" xpointer="v256"/>
+              </listitem>
+            </varlistentry>
+            <varlistentry>
+              <term><option>Bonding port interfaces</option></term>
+              <listitem>
+                <para><literal>enslaved</literal>,</para>
+                <xi:include href="version-info.xml" xpointer="v256"/>
+              </listitem>
+            </varlistentry>
+            <varlistentry>
+              <term><option>Other interfaces</option></term>
+              <listitem>
+                <para><literal>degraded</literal>.</para>
+                <xi:include href="version-info.xml" xpointer="v236"/>
+              </listitem>
+            </varlistentry>
+          </variablelist>
+          </para>
+
+          <para>This setting can be overridden by the command line option for
+          <command>systemd-networkd-wait-online</command>. See
+          <citerefentry><refentrytitle>systemd-networkd-wait-online.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+          for more details.</para>
+
           <xi:include href="version-info.xml" xpointer="v236"/>
         </listitem>
       </varlistentry>
           required when determining whether the link is online (including when running
           <command>systemd-networkd-wait-online</command>). Takes one of <literal>ipv4</literal>,
           <literal>ipv6</literal>, <literal>both</literal>, or <literal>any</literal>. Defaults to
-          <literal>any</literal>. Note that this option has no effect if
-          <literal>RequiredForOnline=no</literal>, or if <literal>RequiredForOnline=</literal>
-          specifies a minimum operational state below <literal>degraded</literal>.</para>
+          <literal>no</literal>. Note that this option has no effect if
+          <literal>RequiredForOnline=no</literal>.</para>
 
           <xi:include href="version-info.xml" xpointer="v249"/>
         </listitem>
@@ -875,6 +912,18 @@ Table=1234</programlisting></para>
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>IPv6RetransmissionTimeSec=</varname></term>
+        <listitem>
+          <para>Configures IPv6 Retransmission Time. The time between retransmitted Neighbor
+          Solicitation messages. Used by address resolution and the Neighbor Unreachability
+          Detection algorithm. A value of zero is ignored and the kernel's current value
+          will be used. Defaults to unset, and the kernel's current value will be used.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>IPv4ReversePathFilter=</varname></term>
         <listitem>
@@ -1342,13 +1391,15 @@ Table=1234</programlisting></para>
           Fallback Peer Labeling</ulink> rules. They will be removed when the interface is
           deconfigured. Failures to manage the labels will be ignored.</para>
 
-          <para>Warning: Once labeling is enabled for network traffic, a lot of LSM access control points in
-          Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
-          situation where for example remote connectivity is broken, when the security policy hasn't been
-          updated to consider LSM per-packet access controls and no rules would allow any network
-          traffic. Also note that additional configuration with <citerefentry
-          project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-          is needed.</para>
+          <warning>
+            <para>Once labeling is enabled for network traffic, a lot of LSM access control points in
+            Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
+            situation where for example remote connectivity is broken, when the security policy hasn't been
+            updated to consider LSM per-packet access controls and no rules would allow any network
+            traffic. Also note that additional configuration with <citerefentry
+            project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+            is needed.</para>
+          </warning>
 
           <para>Example:
           <programlisting>[Address]
@@ -1620,6 +1671,18 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>L3MasterDevice=</varname></term>
+        <listitem>
+          <para>A boolean. Specifies whether the rule is to direct lookups to the tables associated with
+          level 3 master devices (also known as Virtual Routing and Forwarding or VRF devices).
+          For further details see <ulink url="https://docs.kernel.org/networking/vrf.html">
+          Virtual Routing and Forwarding (VRF)</ulink>. Defaults to false.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>SourcePort=</varname></term>
         <listitem>
@@ -1942,7 +2005,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
           <command>ip route show table <replaceable>num</replaceable></command>. If unset and
           <varname>Type=</varname> is <literal>local</literal>, <literal>broadcast</literal>,
           <literal>anycast</literal>, or <literal>nat</literal>, then <literal>local</literal> is used.
-          In other cases, defaults to <literal>main</literal>.</para>
+          In other cases, defaults to <literal>main</literal>. Ignored if <varname>L3MasterDevice=</varname> is true.</para>
 
           <xi:include href="version-info.xml" xpointer="v230"/>
         </listitem>
@@ -2038,16 +2101,6 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
         </listitem>
       </varlistentry>
 
-      <varlistentry>
-        <term><varname>TTLPropagate=</varname></term>
-        <listitem>
-          <para>Takes a boolean. When true enables TTL propagation at Label Switched Path (LSP) egress.
-          When unset, the kernel's default will be used.</para>
-
-          <xi:include href="version-info.xml" xpointer="v243"/>
-        </listitem>
-      </varlistentry>
-
       <varlistentry>
         <term><varname>MTUBytes=</varname></term>
         <listitem>
@@ -2288,7 +2341,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
           are implied and these settings in the .network file are silently ignored. Also,
           <varname>Hostname=</varname>,
           <varname>MUDURL=</varname>,
-          <varname>RequestAddress</varname>,
+          <varname>RequestAddress=</varname>,
           <varname>RequestOptions=</varname>,
           <varname>SendOption=</varname>,
           <varname>SendVendorOption=</varname>,
@@ -2630,8 +2683,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
           <para>When true, the DHCPv4 configuration will be delayed by the timespan provided by the DHCP
           server and skip to configure dynamic IPv4 network connectivity if IPv6 connectivity is provided
           within the timespan. See <ulink url="https://tools.ietf.org/html/rfc8925">RFC 8925</ulink>.
-          Defaults to true when <varname>IPv6AcceptRA=</varname> is enabled or DHCPv6 client is enabled
-          (i.e., <varname>DHCP=yes</varname>), and false otherwise.</para>
+          Defaults to false.</para>
 
           <xi:include href="version-info.xml" xpointer="v255"/>
         </listitem>
@@ -2684,6 +2736,15 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>ServerPort=</varname></term>
+        <listitem>
+          <para>Set the port on which the DHCP server is listening.</para>
+
+        <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>DenyList=</varname></term>
         <listitem>
@@ -3295,6 +3356,29 @@ Token=prefixstable:2002:da8:1::</programlisting></para>
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>UseReachableTime=</varname></term>
+        <listitem>
+          <para>Takes a boolean. When true, the reachable time received in the Router Advertisement will be
+          set on the interface receiving the advertisement. It is used as the base timespan of the validity
+          of a neighbor entry. Defaults to true.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>UseRetransmissionTime=</varname></term>
+        <listitem>
+          <para>Takes a boolean. When true, the retransmission time received in the Router Advertisement will be set
+          on the interface receiving the advertisement. It is used as the time between retransmissions of Neighbor
+          Solicitation messages to a neighbor when resolving the address or when probing the reachability of a neighbor.
+          Defaults to true.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>UseICMP6RateLimit=</varname></term>
         <listitem>