]>
Commit | Line | Data |
---|---|---|
eac684ef TG |
1 | <?xml version='1.0'?> <!--*-nxml-*--> |
2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
681eb9cf FB |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ |
4 | <!ENTITY % entities SYSTEM "custom-entities.ent" > | |
5 | %entities; | |
6 | ]> | |
eac684ef TG |
7 | |
8 | <!-- | |
9 | This file is part of systemd. | |
10 | ||
11 | Copyright 2013 Tom Gundersen | |
12 | ||
13 | systemd is free software; you can redistribute it and/or modify it | |
14 | under the terms of the GNU Lesser General Public License as published by | |
15 | the Free Software Foundation; either version 2.1 of the License, or | |
16 | (at your option) any later version. | |
17 | ||
18 | systemd is distributed in the hope that it will be useful, but | |
19 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
20 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
21 | Lesser General Public License for more details. | |
22 | ||
23 | You should have received a copy of the GNU Lesser General Public License | |
24 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
25 | --> | |
26 | ||
27 | <refentry id="systemd.netdev" conditional='ENABLE_NETWORKD'> | |
28 | ||
798d3a52 ZJS |
29 | <refentryinfo> |
30 | <title>systemd.network</title> | |
31 | <productname>systemd</productname> | |
32 | ||
33 | <authorgroup> | |
34 | <author> | |
35 | <contrib>Developer</contrib> | |
36 | <firstname>Tom</firstname> | |
37 | <surname>Gundersen</surname> | |
38 | <email>teg@jklm.no</email> | |
39 | </author> | |
40 | </authorgroup> | |
41 | </refentryinfo> | |
42 | ||
43 | <refmeta> | |
44 | <refentrytitle>systemd.netdev</refentrytitle> | |
45 | <manvolnum>5</manvolnum> | |
46 | </refmeta> | |
47 | ||
48 | <refnamediv> | |
49 | <refname>systemd.netdev</refname> | |
50 | <refpurpose>Virtual Network Device configuration</refpurpose> | |
51 | </refnamediv> | |
52 | ||
53 | <refsynopsisdiv> | |
54 | <para><filename><replaceable>netdev</replaceable>.netdev</filename></para> | |
55 | </refsynopsisdiv> | |
56 | ||
57 | <refsect1> | |
58 | <title>Description</title> | |
59 | ||
60 | <para>Network setup is performed by | |
61 | <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. | |
62 | </para> | |
63 | ||
64 | <para>Virtual Network Device files must have the extension | |
65 | <filename>.netdev</filename>; other extensions are ignored. | |
66 | Virtual network devices are created as soon as networkd is | |
67 | started. If a netdev with the specified name already exists, | |
68 | networkd will use that as-is rather than create its own. Note that | |
69 | the settings of the pre-existing netdev will not be changed by | |
70 | networkd.</para> | |
71 | ||
72 | <para>The <filename>.netdev</filename> files are read from the | |
73 | files located in the system network directory | |
681eb9cf | 74 | <filename>&rootlibexecdir;/network</filename>, the volatile |
798d3a52 ZJS |
75 | runtime network directory |
76 | <filename>/run/systemd/network</filename> and the local | |
77 | administration network directory | |
681eb9cf | 78 | <filename>&pkgsysconfdir;/network</filename>. All configuration files |
798d3a52 ZJS |
79 | are collectively sorted and processed in lexical order, regardless |
80 | of the directories in which they live. However, files with | |
81 | identical filenames replace each other. Files in | |
82 | <filename>/etc</filename> have the highest priority, files in | |
83 | <filename>/run</filename> take precedence over files with the same | |
7d2e33a4 | 84 | name in <filename>&rootprefix;/lib</filename>. This can be used to |
798d3a52 ZJS |
85 | override a system-supplied configuration file with a local file if |
86 | needed; a symlink in <filename>/etc</filename> with the same name | |
7d2e33a4 | 87 | as a configuration file in <filename>&rootprefix;/lib</filename>, pointing |
798d3a52 ZJS |
88 | to <filename>/dev/null</filename>, disables the configuration file |
89 | entirely.</para> | |
90 | ||
91 | </refsect1> | |
92 | ||
93 | <refsect1> | |
94 | <title>Supported netdev kinds</title> | |
95 | ||
96 | <para>The following kinds of virtual network devices may be | |
97 | configured in <filename>.netdev</filename> files:</para> | |
98 | ||
99 | <table> | |
100 | <title>Supported kinds of virtual network devices</title> | |
101 | ||
102 | <tgroup cols='2'> | |
103 | <colspec colname='kind' /> | |
104 | <colspec colname='explanation' /> | |
105 | <thead><row> | |
106 | <entry>Kind</entry> | |
107 | <entry>Description</entry> | |
108 | </row></thead> | |
109 | <tbody> | |
110 | <row><entry><varname>bond</varname></entry> | |
111 | <entry>A bond device is an aggregation of all its slave devices. See <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">Linux Ethernet Bonding Driver HOWTO</ulink> for details.Local configuration</entry></row> | |
112 | ||
113 | <row><entry><varname>bridge</varname></entry> | |
a6818881 | 114 | <entry>A bridge device is a software switch, each of its slave devices and the bridge itself are ports of the switch.</entry></row> |
798d3a52 ZJS |
115 | |
116 | <row><entry><varname>dummy</varname></entry> | |
117 | <entry>A dummy device drops all packets sent to it.</entry></row> | |
118 | ||
119 | <row><entry><varname>gre</varname></entry> | |
120 | <entry>A Level 3 GRE tunnel over IPv4. See <ulink url="https://tools.ietf.org/html/rfc2784">RFC 2784</ulink> for details.</entry></row> | |
121 | ||
122 | <row><entry><varname>gretap</varname></entry> | |
123 | <entry>A Level 2 GRE tunnel over IPv4.</entry></row> | |
124 | ||
125 | <row><entry><varname>ip6gre</varname></entry> | |
126 | <entry>A Level 3 GRE tunnel over IPv6.</entry></row> | |
127 | ||
128 | <row><entry><varname>ip6tnl</varname></entry> | |
129 | <entry>An IPv4 or IPv6 tunnel over IPv6</entry></row> | |
130 | ||
131 | <row><entry><varname>ip6gretap</varname></entry> | |
132 | <entry>An Level 2 GRE tunnel over IPv6.</entry></row> | |
133 | ||
134 | <row><entry><varname>ipip</varname></entry> | |
135 | <entry>An IPv4 over IPv4 tunnel.</entry></row> | |
136 | ||
137 | <row><entry><varname>ipvlan</varname></entry> | |
138 | <entry>An ipvlan device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row> | |
139 | ||
140 | <row><entry><varname>macvlan</varname></entry> | |
141 | <entry>A macvlan device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row> | |
142 | ||
143 | <row><entry><varname>sit</varname></entry> | |
144 | <entry>An IPv6 over IPv4 tunnel.</entry></row> | |
145 | ||
146 | <row><entry><varname>tap</varname></entry> | |
147 | <entry>A persistent Level 2 tunnel between a network device and a device node.</entry></row> | |
148 | ||
149 | <row><entry><varname>tun</varname></entry> | |
150 | <entry>A persistent Level 3 tunnel between a network device and a device node.</entry></row> | |
151 | ||
152 | <row><entry><varname>veth</varname></entry> | |
153 | <entry>An ethernet tunnel between a pair of network devices.</entry></row> | |
154 | ||
155 | <row><entry><varname>vlan</varname></entry> | |
156 | <entry>A VLAN is a stacked device which receives packets from its underlying device based on VLAN tagging. See <ulink url="http://www.ieee802.org/1/pages/802.1Q.html">IEEE 802.1Q</ulink> for details.</entry></row> | |
157 | ||
158 | <row><entry><varname>vti</varname></entry> | |
159 | <entry>An IPv4 over IPSec tunnel.</entry></row> | |
160 | ||
5cc0748e SS |
161 | <row><entry><varname>vti6</varname></entry> |
162 | <entry>An IPv6 over IPSec tunnel.</entry></row> | |
163 | ||
798d3a52 ZJS |
164 | <row><entry><varname>vxlan</varname></entry> |
165 | <entry>A virtual extensible LAN (vxlan), for connecting Cloud computing deployments.</entry></row> | |
166 | </tbody> | |
167 | </tgroup> | |
168 | </table> | |
169 | ||
170 | </refsect1> | |
171 | ||
172 | <refsect1> | |
173 | <title>[Match] Section Options</title> | |
174 | ||
175 | <para>A virtual network device is only created if the | |
176 | <literal>[Match]</literal> section matches the current | |
177 | environment, or if the section is empty. The following keys are | |
178 | accepted:</para> | |
179 | ||
180 | <variablelist class='network-directives'> | |
181 | <varlistentry> | |
182 | <term><varname>Host=</varname></term> | |
183 | <listitem> | |
184 | <para>Matches against the hostname or machine ID of the | |
185 | host. See <literal>ConditionHost=</literal> in | |
186 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
187 | for details. | |
188 | </para> | |
189 | </listitem> | |
190 | </varlistentry> | |
191 | <varlistentry> | |
192 | <term><varname>Virtualization=</varname></term> | |
193 | <listitem> | |
194 | <para>Checks whether the system is executed in a virtualized | |
195 | environment and optionally test whether it is a specific | |
196 | implementation. See | |
197 | <literal>ConditionVirtualization=</literal> in | |
198 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
199 | for details. | |
200 | </para> | |
201 | </listitem> | |
202 | </varlistentry> | |
203 | <varlistentry> | |
204 | <term><varname>KernelCommandLine=</varname></term> | |
205 | <listitem> | |
206 | <para>Checks whether a specific kernel command line option | |
207 | is set (or if prefixed with the exclamation mark unset). See | |
208 | <literal>ConditionKernelCommandLine=</literal> in | |
209 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
210 | for details. | |
211 | </para> | |
212 | </listitem> | |
213 | </varlistentry> | |
214 | <varlistentry> | |
215 | <term><varname>Architecture=</varname></term> | |
216 | <listitem> | |
217 | <para>Checks whether the system is running on a specific | |
218 | architecture. See <literal>ConditionArchitecture=</literal> in | |
219 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
220 | for details. | |
221 | </para> | |
222 | </listitem> | |
223 | </varlistentry> | |
224 | </variablelist> | |
225 | ||
226 | </refsect1> | |
227 | ||
228 | <refsect1> | |
229 | <title>[NetDev] Section Options</title> | |
230 | ||
231 | <para>The <literal>[NetDev]</literal> section accepts the | |
232 | following keys:</para> | |
233 | ||
234 | <variablelist class='network-directives'> | |
235 | <varlistentry> | |
236 | <term><varname>Description=</varname></term> | |
237 | <listitem> | |
238 | <para>A free-form description of the netdev.</para> | |
239 | </listitem> | |
240 | </varlistentry> | |
241 | <varlistentry> | |
242 | <term><varname>Name=</varname></term> | |
243 | <listitem> | |
244 | <para>The interface name used when creating the netdev. | |
245 | This option is compulsory.</para> | |
246 | </listitem> | |
247 | </varlistentry> | |
248 | <varlistentry> | |
249 | <term><varname>Kind=</varname></term> | |
250 | <listitem> | |
251 | <para>The netdev kind. This option is compulsory. See the | |
252 | <literal>Supported netdev kinds</literal> section for the | |
253 | valid keys.</para> | |
254 | </listitem> | |
255 | </varlistentry> | |
256 | <varlistentry> | |
257 | <term><varname>MTUBytes=</varname></term> | |
258 | <listitem> | |
259 | <para>The maximum transmission unit in bytes to set for | |
260 | the device. The usual suffixes K, M, G, are supported and | |
261 | are understood to the base of 1024. This key is not | |
ff9b60f3 | 262 | currently supported for <literal>tun</literal> or |
798d3a52 ZJS |
263 | <literal>tap</literal> devices. |
264 | </para> | |
265 | </listitem> | |
266 | </varlistentry> | |
267 | <varlistentry> | |
268 | <term><varname>MACAddress=</varname></term> | |
269 | <listitem> | |
270 | <para>The MAC address to use for the device. If none is | |
271 | given, one is generated based on the interface name and | |
272 | the | |
273 | <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
ff9b60f3 | 274 | This key is not currently supported for |
798d3a52 ZJS |
275 | <literal>tun</literal> or <literal>tap</literal> devices. |
276 | </para> | |
277 | </listitem> | |
278 | </varlistentry> | |
279 | </variablelist> | |
280 | </refsect1> | |
281 | ||
282 | <refsect1> | |
283 | <title>[VLAN] Section Options</title> | |
284 | ||
285 | <para>The <literal>[VLAN]</literal> section only applies for | |
286 | netdevs of kind <literal>vlan</literal>, and accepts the | |
287 | following key:</para> | |
288 | ||
289 | <variablelist class='network-directives'> | |
290 | <varlistentry> | |
291 | <term><varname>Id=</varname></term> | |
292 | <listitem> | |
293 | <para>The VLAN ID to use. An integer in the range 0–4094. | |
294 | This option is compulsory.</para> | |
295 | </listitem> | |
296 | </varlistentry> | |
297 | </variablelist> | |
298 | ||
299 | </refsect1> | |
300 | ||
301 | <refsect1> | |
302 | <title>[MACVLAN] Section Options</title> | |
303 | ||
304 | <para>The <literal>[MACVLAN]</literal> section only applies for | |
305 | netdevs of kind <literal>macvlan</literal>, and accepts the | |
306 | following key:</para> | |
307 | ||
308 | <variablelist class='network-directives'> | |
309 | <varlistentry> | |
310 | <term><varname>Mode=</varname></term> | |
311 | <listitem> | |
312 | <para>The MACVLAN mode to use. The supported options are | |
313 | <literal>private</literal>, | |
314 | <literal>vepa</literal>, | |
315 | <literal>bridge</literal>, and | |
316 | <literal>passthru</literal>. | |
317 | </para> | |
318 | </listitem> | |
319 | </varlistentry> | |
320 | </variablelist> | |
321 | ||
322 | </refsect1> | |
323 | ||
324 | <refsect1> | |
325 | <title>[IPVLAN] Section Options</title> | |
326 | ||
327 | <para>The <literal>[IPVLAN]</literal> section only applies for | |
328 | netdevs of kind <literal>ipvlan</literal>, and accepts the | |
329 | following key:</para> | |
330 | ||
331 | <variablelist class='network-directives'> | |
332 | <varlistentry> | |
333 | <term><varname>Mode=</varname></term> | |
334 | <listitem> | |
335 | <para>The IPVLAN mode to use. The supported options are | |
336 | <literal>L2</literal> and <literal>L3</literal>. | |
337 | </para> | |
338 | </listitem> | |
339 | </varlistentry> | |
340 | </variablelist> | |
341 | ||
342 | </refsect1> | |
343 | ||
344 | <refsect1> | |
345 | <title>[VXLAN] Section Options</title> | |
346 | <para>The <literal>[VXLAN]</literal> section only applies for | |
347 | netdevs of kind <literal>vxlan</literal>, and accepts the | |
348 | following keys:</para> | |
349 | ||
350 | <variablelist class='network-directives'> | |
351 | <varlistentry> | |
352 | <term><varname>Id=</varname></term> | |
353 | <listitem> | |
354 | <para>The VXLAN ID to use.</para> | |
355 | </listitem> | |
356 | </varlistentry> | |
357 | <varlistentry> | |
358 | <term><varname>Group=</varname></term> | |
359 | <listitem> | |
360 | <para>An assigned multicast group IP address.</para> | |
361 | </listitem> | |
362 | </varlistentry> | |
363 | <varlistentry> | |
364 | <term><varname>TOS=</varname></term> | |
365 | <listitem> | |
366 | <para>The Type Of Service byte value for a vxlan interface.</para> | |
367 | </listitem> | |
368 | </varlistentry> | |
369 | <varlistentry> | |
370 | <term><varname>TTL=</varname></term> | |
371 | <listitem> | |
372 | <para>A fixed Time To Live N on Virtual eXtensible Local | |
373 | Area Network packets. N is a number in the range 1-255. 0 | |
374 | is a special value meaning that packets inherit the TTL | |
375 | value.</para> | |
376 | </listitem> | |
377 | </varlistentry> | |
378 | <varlistentry> | |
379 | <term><varname>MacLearning=</varname></term> | |
380 | <listitem> | |
381 | <para>A boolean. When true, enables dynamic MAC learning | |
382 | to discover remote MAC addresses.</para> | |
383 | </listitem> | |
384 | </varlistentry> | |
385 | <varlistentry> | |
386 | <term><varname>FDBAgeingSec=</varname></term> | |
387 | <listitem> | |
388 | <para>The lifetime of Forwarding Database entry learnt by | |
389 | the kernel in seconds.</para> | |
390 | </listitem> | |
391 | </varlistentry> | |
392 | <varlistentry> | |
393 | <term><varname>ARPProxy=</varname></term> | |
394 | <listitem> | |
395 | <para>A boolean. When true, enables ARP proxy.</para> | |
396 | </listitem> | |
397 | </varlistentry> | |
398 | <varlistentry> | |
399 | <term><varname>L2MissNotification=</varname></term> | |
400 | <listitem> | |
401 | <para>A boolean. When true, enables netlink LLADDR miss | |
402 | notifications.</para> | |
403 | </listitem> | |
404 | </varlistentry> | |
405 | <varlistentry> | |
406 | <term><varname>L3MissNotification=</varname></term> | |
407 | <listitem> | |
408 | <para>A boolean. When true, enables netlink IP ADDR miss | |
409 | notifications.</para> | |
410 | </listitem> | |
411 | </varlistentry> | |
412 | <varlistentry> | |
413 | <term><varname>RouteShortCircuit=</varname></term> | |
414 | <listitem> | |
415 | <para>A boolean. When true route short circuit is turned | |
416 | on.</para> | |
417 | </listitem> | |
418 | </varlistentry> | |
cffacc74 SS |
419 | <varlistentry> |
420 | <term><varname>UDPCheckSum=</varname></term> | |
421 | <listitem> | |
422 | <para>A boolean. When true transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para> | |
423 | </listitem> | |
424 | </varlistentry> | |
425 | <varlistentry> | |
426 | <term><varname>UDP6ZeroChecksumTx=</varname></term> | |
427 | <listitem> | |
428 | <para>A boolean. When true sending zero checksums in VXLAN/IPv6 is turned on.</para> | |
429 | </listitem> | |
430 | </varlistentry> | |
431 | <varlistentry> | |
432 | <term><varname>UDP6ZeroCheckSumRx=</varname></term> | |
433 | <listitem> | |
434 | <para>A boolean. When true receiving zero checksums in VXLAN/IPv6 is turned on.</para> | |
435 | </listitem> | |
436 | </varlistentry> | |
798d3a52 ZJS |
437 | </variablelist> |
438 | </refsect1> | |
439 | <refsect1> | |
440 | <title>[Tunnel] Section Options</title> | |
441 | ||
442 | <para>The <literal>[Tunnel]</literal> section only applies for | |
443 | netdevs of kind | |
444 | <literal>ipip</literal>, | |
445 | <literal>sit</literal>, | |
446 | <literal>gre</literal>, | |
447 | <literal>gretap</literal>, | |
448 | <literal>ip6gre</literal>, | |
449 | <literal>ip6gretap</literal>, | |
5cc0748e SS |
450 | <literal>vti</literal>, |
451 | <literal>vti6</literal>, and | |
798d3a52 ZJS |
452 | <literal>ip6tnl</literal> and accepts |
453 | the following keys:</para> | |
454 | ||
455 | <variablelist class='network-directives'> | |
456 | <varlistentry> | |
457 | <term><varname>Local=</varname></term> | |
458 | <listitem> | |
459 | <para>A static local address for tunneled packets. It must | |
460 | be an address on another interface of this host.</para> | |
461 | </listitem> | |
462 | </varlistentry> | |
463 | <varlistentry> | |
464 | <term><varname>Remote=</varname></term> | |
465 | <listitem> | |
466 | <para>The remote endpoint of the tunnel.</para> | |
467 | </listitem> | |
468 | </varlistentry> | |
469 | <varlistentry> | |
470 | <term><varname>TOS=</varname></term> | |
471 | <listitem> | |
472 | <para>The Type Of Service byte value for a tunnel interface. | |
473 | For details about the TOS see the | |
474 | <ulink url="http://tools.ietf.org/html/rfc1349"> Type of | |
475 | Service in the Internet Protocol Suite </ulink> document. | |
476 | </para> | |
477 | </listitem> | |
478 | </varlistentry> | |
479 | <varlistentry> | |
480 | <term><varname>TTL=</varname></term> | |
481 | <listitem> | |
482 | <para>A fixed Time To Live N on tunneled packets. N is a | |
483 | number in the range 1-255. 0 is a special value meaning that | |
484 | packets inherit the TTL value. The default value for IPv4 | |
485 | tunnels is: inherit. The default value for IPv6 tunnels is: | |
486 | 64.</para> | |
487 | </listitem> | |
488 | </varlistentry> | |
489 | <varlistentry> | |
490 | <term><varname>DiscoverPathMTU=</varname></term> | |
491 | <listitem> | |
492 | <para>A boolean. When true, enables Path MTU Discovery on | |
493 | the tunnel.</para> | |
494 | </listitem> | |
495 | </varlistentry> | |
496 | <varlistentry> | |
497 | <term><varname>Mode=</varname></term> | |
498 | <listitem> | |
499 | <para>An <literal>ip6tnl</literal> tunnels can have three | |
500 | modes | |
501 | <literal>ip6ip6</literal> for IPv6 over IPv6, | |
502 | <literal>ipip6</literal> for IPv4 over IPv6 or | |
503 | <literal>any</literal> for either. | |
504 | </para> | |
505 | </listitem> | |
506 | </varlistentry> | |
507 | </variablelist> | |
508 | </refsect1> | |
509 | <refsect1> | |
510 | <title>[Peer] Section Options</title> | |
511 | ||
512 | <para>The <literal>[Peer]</literal> section only applies for | |
513 | netdevs of kind <literal>veth</literal> and accepts the | |
514 | following key:</para> | |
515 | ||
516 | <variablelist class='network-directives'> | |
517 | <varlistentry> | |
518 | <term><varname>Name=</varname></term> | |
519 | <listitem> | |
520 | <para>The interface name used when creating the netdev. | |
521 | This option is compulsory.</para> | |
522 | </listitem> | |
523 | </varlistentry> | |
524 | <varlistentry> | |
525 | <term><varname>MACAddress=</varname></term> | |
526 | <listitem> | |
527 | <para>The peer MACAddress, if not set it is generated in | |
528 | the same way as the MAC address of the main | |
529 | interface.</para> | |
530 | </listitem> | |
531 | </varlistentry> | |
532 | </variablelist> | |
533 | </refsect1> | |
534 | <refsect1> | |
535 | <title>[Tun] Section Options</title> | |
536 | ||
537 | <para>The <literal>[Tun]</literal> section only applies for | |
538 | netdevs of kind <literal>tun</literal>, and accepts the following | |
539 | keys:</para> | |
540 | ||
541 | <variablelist class='network-directives'> | |
542 | <varlistentry> | |
543 | <term><varname>OneQueue=</varname></term> | |
544 | <listitem><para>Takes a boolean argument. Configures whether | |
545 | all packets are queued at the device (enabled), or a fixed | |
546 | number of packets are queued at the device and the rest at the | |
547 | <literal>qdisc</literal>. Defaults to | |
548 | <literal>no</literal>.</para> | |
549 | </listitem> | |
550 | </varlistentry> | |
551 | <varlistentry> | |
552 | <term><varname>MultiQueue=</varname></term> | |
553 | <listitem><para>Takes a boolean argument. Configures whether | |
554 | to use multiple file descriptors (queues) to parallelize | |
555 | packets sending and receiving. Defaults to | |
556 | <literal>no</literal>.</para> | |
557 | </listitem> | |
558 | </varlistentry> | |
559 | <varlistentry> | |
560 | <term><varname>PacketInfo=</varname></term> | |
561 | <listitem><para>Takes a boolean argument. Configures whether | |
ff9b60f3 | 562 | packets should be prepended with four extra bytes (two flag |
798d3a52 ZJS |
563 | bytes and two protocol bytes). If disabled it indicates that |
564 | the packets will be pure IP packets. Defaults to | |
565 | <literal>no</literal>.</para> | |
566 | </listitem> | |
567 | </varlistentry> | |
568 | <varlistentry> | |
569 | <term><varname>User=</varname></term> | |
570 | <listitem><para>User to grant access to the | |
571 | <filename>/dev/net/tun</filename> device.</para> | |
572 | </listitem> | |
573 | </varlistentry> | |
574 | <varlistentry> | |
575 | <term><varname>Group=</varname></term> | |
576 | <listitem><para>Group to grant access to the | |
577 | <filename>/dev/net/tun</filename> device.</para> | |
578 | </listitem> | |
579 | </varlistentry> | |
580 | ||
581 | </variablelist> | |
582 | ||
583 | </refsect1> | |
584 | ||
585 | <refsect1> | |
586 | <title>[Tap] Section Options</title> | |
587 | ||
588 | <para>The <literal>[Tap]</literal> section only applies for | |
589 | netdevs of kind <literal>tap</literal>, and accepts the same keys | |
590 | as the <literal>[Tun]</literal> section.</para> | |
591 | </refsect1> | |
592 | ||
593 | <refsect1> | |
594 | <title>[Bond] Section Options</title> | |
595 | ||
596 | <para>The <literal>[Bond]</literal> section accepts the following | |
597 | key:</para> | |
598 | ||
599 | <variablelist class='network-directives'> | |
600 | <varlistentry> | |
601 | <term><varname>Mode=</varname></term> | |
602 | <listitem> | |
603 | <para>Specifies one of the bonding policies. The default is | |
604 | <literal>balance-rr</literal> (round robin). Possible values are | |
605 | <literal>balance-rr</literal>, | |
606 | <literal>active-backup</literal>, | |
607 | <literal>balance-xor</literal>, | |
608 | <literal>broadcast</literal>, | |
609 | <literal>802.3ad</literal>, | |
610 | <literal>balance-tlb</literal>, and | |
611 | <literal>balance-alb</literal>. | |
612 | </para> | |
613 | </listitem> | |
614 | </varlistentry> | |
615 | ||
616 | <varlistentry> | |
617 | <term><varname>TransmitHashPolicy=</varname></term> | |
618 | <listitem> | |
619 | <para>Selects the transmit hash policy to use for slave | |
620 | selection in balance-xor, 802.3ad, and tlb modes. Possible | |
621 | values are | |
622 | <literal>layer2</literal>, | |
623 | <literal>layer3+4</literal>, | |
624 | <literal>layer2+3</literal>, | |
625 | <literal>encap2+3</literal>, | |
626 | <literal>802.3ad</literal>, and | |
627 | <literal>encap3+4</literal>. | |
628 | </para> | |
629 | </listitem> | |
630 | </varlistentry> | |
631 | ||
632 | <varlistentry> | |
633 | <term><varname>LACPTransmitRate=</varname></term> | |
634 | <listitem> | |
635 | <para>Specifies the rate with which link partner transmits | |
636 | Link Aggregation Control Protocol Data Unit packets in | |
637 | 802.3ad mode. Possible values are <literal>slow</literal>, | |
638 | which requests partner to transmit LACPDUs every 30 seconds, | |
639 | and <literal>fast</literal>, which requests partner to | |
640 | transmit LACPDUs every second. The default value is | |
641 | <literal>slow</literal>.</para> | |
642 | </listitem> | |
643 | </varlistentry> | |
644 | ||
645 | <varlistentry> | |
646 | <term><varname>MIIMonitorSec=</varname></term> | |
647 | <listitem> | |
648 | <para>Specifies the frequency that Media Independent | |
649 | Interface link monitoring will occur. A value of zero | |
650 | disables MII link monitoring. This values is rounded down to | |
651 | the nearest millisecond. The default value is 0.</para> | |
652 | </listitem> | |
653 | </varlistentry> | |
654 | ||
655 | <varlistentry> | |
656 | <term><varname>UpDelaySec=</varname></term> | |
657 | <listitem> | |
658 | <para>Specifies the delay before a link is enabled after a | |
659 | link up status has been detected. This value is rounded down | |
660 | to a multiple of MIIMonitorSec. The default value is | |
661 | 0.</para> | |
662 | </listitem> | |
663 | </varlistentry> | |
664 | ||
665 | <varlistentry> | |
666 | <term><varname>DownDelaySec=</varname></term> | |
667 | <listitem> | |
668 | <para>Specifies the delay before a link is disabled after a | |
669 | link down status has been detected. This value is rounded | |
670 | down to a multiple of MIIMonitorSec. The default value is | |
671 | 0.</para> | |
672 | </listitem> | |
673 | </varlistentry> | |
674 | ||
81bd37a8 | 675 | <varlistentry> |
38422da7 | 676 | <term><varname>LearnPacketIntervalSec=</varname></term> |
81bd37a8 SS |
677 | <listitem> |
678 | <para>Specifies the number of seconds between instances where the bonding | |
679 | driver sends learning packets to each slaves peer switch. | |
680 | The valid range is 1 - 0x7fffffff; the default value is 1. This Option | |
681 | has effect only in balance-tlb and balance-alb modes.</para> | |
682 | </listitem> | |
683 | </varlistentry> | |
684 | ||
685 | <varlistentry> | |
686 | <term><varname>AdSelect=</varname></term> | |
687 | <listitem> | |
688 | <para>Specifies the 802.3ad aggregation selection logic to use. Possible values are | |
689 | <literal>stable</literal>, | |
690 | <literal>bandwidth</literal>, | |
691 | <literal>count</literal> | |
692 | </para> | |
693 | </listitem> | |
694 | </varlistentry> | |
695 | ||
696 | <varlistentry> | |
38422da7 | 697 | <term><varname>FailOverMACPolicy=</varname></term> |
81bd37a8 SS |
698 | <listitem> |
699 | <para>Specifies whether active-backup mode should set all slaves to | |
700 | the same MAC address at enslavement or, when enabled, perform special handling of the | |
701 | bond's MAC address in accordance with the selected policy. The default policy is none. | |
702 | Possible values are | |
703 | <literal>none</literal>, | |
704 | <literal>active</literal>, | |
705 | <literal>follow</literal> | |
706 | </para> | |
707 | </listitem> | |
708 | </varlistentry> | |
709 | ||
710 | <varlistentry> | |
38422da7 | 711 | <term><varname>ARPValidate=</varname></term> |
81bd37a8 SS |
712 | <listitem> |
713 | <para>Specifies whether or not ARP probes and replies should be | |
38422da7 | 714 | validated in any mode that supports ARP monitoring, or whether |
81bd37a8 SS |
715 | non-ARP traffic should be filtered (disregarded) for link |
716 | monitoring purposes. Possible values are | |
717 | <literal>none</literal>, | |
718 | <literal>active</literal>, | |
719 | <literal>backup</literal>, | |
720 | <literal>all</literal> | |
721 | </para> | |
722 | </listitem> | |
723 | </varlistentry> | |
724 | ||
725 | <varlistentry> | |
38422da7 | 726 | <term><varname>ARPIntervalSec=</varname></term> |
81bd37a8 SS |
727 | <listitem> |
728 | <para>Specifies the ARP link monitoring frequency in milliseconds. | |
729 | A value of 0 disables ARP monitoring. The default value is 0. | |
730 | </para> | |
731 | </listitem> | |
732 | </varlistentry> | |
733 | ||
734 | <varlistentry> | |
38422da7 | 735 | <term><varname>ARPIPTargets=</varname></term> |
81bd37a8 SS |
736 | <listitem> |
737 | <para>Specifies the IP addresses to use as ARP monitoring peers when | |
38422da7 | 738 | ARPIntervalSec is greater than 0. These are the targets of the ARP request |
81bd37a8 SS |
739 | sent to determine the health of the link to the targets. |
740 | Specify these values in ipv4 dotted decimal format. At least one IP | |
741 | address must be given for ARP monitoring to function. The | |
742 | maximum number of targets that can be specified is 16. The | |
743 | default value is no IP addresses. | |
744 | </para> | |
745 | </listitem> | |
746 | </varlistentry> | |
747 | ||
748 | <varlistentry> | |
38422da7 | 749 | <term><varname>ARPAllTargets=</varname></term> |
81bd37a8 | 750 | <listitem> |
38422da7 | 751 | <para>Specifies the quantity of ARPIPTargets that must be reachable |
81bd37a8 SS |
752 | in order for the ARP monitor to consider a slave as being up. |
753 | This option affects only active-backup mode for slaves with | |
38422da7 | 754 | ARPValidate enabled. Possible values are |
81bd37a8 SS |
755 | <literal>any</literal>, |
756 | <literal>all</literal> | |
757 | </para> | |
758 | </listitem> | |
759 | </varlistentry> | |
760 | ||
761 | <varlistentry> | |
38422da7 | 762 | <term><varname>PrimaryReselectPolicy=</varname></term> |
81bd37a8 SS |
763 | <listitem> |
764 | <para>Specifies the reselection policy for the primary slave. This | |
765 | affects how the primary slave is chosen to become the active slave | |
766 | when failure of the active slave or recovery of the primary slave | |
767 | occurs. This option is designed to prevent flip-flopping between | |
768 | the primary slave and other slaves. Possible values are | |
769 | <literal>always</literal>, | |
770 | <literal>better</literal>, | |
771 | <literal>failure</literal> | |
772 | </para> | |
773 | </listitem> | |
774 | </varlistentry> | |
775 | ||
776 | <varlistentry> | |
777 | <term><varname>ResendIGMP=</varname></term> | |
778 | <listitem> | |
779 | <para>Specifies the number of IGMP membership reports to be issued after | |
780 | a failover event. One membership report is issued immediately after | |
781 | the failover, subsequent packets are sent in each 200ms interval. | |
782 | The valid range is (0 - 255). Defaults to 1. A value of 0 | |
783 | prevents the IGMP membership report from being issued in response | |
784 | to the failover event. | |
785 | </para> | |
786 | </listitem> | |
787 | </varlistentry> | |
788 | ||
789 | <varlistentry> | |
790 | <term><varname>PacketsPerSlave=</varname></term> | |
791 | <listitem> | |
792 | <para> Specify the number of packets to transmit through a slave before | |
793 | moving to the next one. When set to 0 then a slave is chosen at | |
794 | random.The valid range is (0 - 65535). Defaults to 1. This option | |
795 | has effect only in balance-rr mode. | |
796 | </para> | |
797 | </listitem> | |
798 | </varlistentry> | |
799 | ||
800 | <varlistentry> | |
38422da7 | 801 | <term><varname>GratuitousARP=</varname></term> |
81bd37a8 SS |
802 | <listitem> |
803 | <para>Specify the number of peer notifications (gratuitous ARPs and | |
804 | unsolicited IPv6 Neighbor Advertisements) to be issued after a | |
805 | failover event. As soon as the link is up on the new slave | |
806 | a peer notification is sent on the bonding device and each | |
807 | VLAN sub-device. This is repeated at each link monitor interval | |
38422da7 | 808 | (ARPIntervalSec or MIIMonitorSec, whichever is active) if the number is |
81bd37a8 | 809 | greater than 1. The valid range is (0 - 255). Default value is 1. |
38422da7 | 810 | These options affect only the active-backup mode. |
81bd37a8 SS |
811 | </para> |
812 | </listitem> | |
813 | </varlistentry> | |
814 | ||
815 | <varlistentry> | |
816 | <term><varname>AllSlavesActive=</varname></term> | |
817 | <listitem> | |
818 | <para> A boolean. Specifies that duplicate frames (received on inactive ports) | |
819 | should be dropped false or delivered true. Normally, bonding will drop | |
820 | duplicate frames (received on inactive ports), which is desirable for | |
821 | most users. But there are some times it is nice to allow duplicate | |
822 | frames to be delivered. The default value is false (drop duplicate frames | |
823 | received on inactive ports). | |
824 | </para> | |
825 | </listitem> | |
826 | </varlistentry> | |
827 | ||
828 | <varlistentry> | |
829 | <term><varname>MinLinks=</varname></term> | |
830 | <listitem> | |
831 | <para>Specifies the minimum number of links that must be active before | |
832 | asserting carrier. The default value is 0. | |
833 | </para> | |
834 | </listitem> | |
835 | </varlistentry> | |
836 | ||
798d3a52 | 837 | </variablelist> |
81bd37a8 SS |
838 | |
839 | <para>For more detail information see | |
840 | <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt"> | |
841 | Linux Ethernet Bonding Driver HOWTO</ulink></para> | |
842 | ||
798d3a52 ZJS |
843 | </refsect1> |
844 | ||
845 | <refsect1> | |
846 | <title>Example</title> | |
847 | <example> | |
681eb9cf | 848 | <title>&pkgsysconfdir;/network/bridge.netdev</title> |
798d3a52 ZJS |
849 | |
850 | <programlisting>[NetDev] | |
eac684ef TG |
851 | Name=bridge0 |
852 | Kind=bridge</programlisting> | |
798d3a52 | 853 | </example> |
eac684ef | 854 | |
798d3a52 | 855 | <example> |
681eb9cf | 856 | <title>&pkgsysconfdir;/network/vlan1.netdev</title> |
eac684ef | 857 | |
798d3a52 | 858 | <programlisting>[Match] |
eac684ef TG |
859 | Virtualization=no |
860 | ||
861 | [NetDev] | |
862 | Name=vlan1 | |
863 | Kind=vlan | |
864 | ||
865 | [VLAN] | |
866 | Id=1</programlisting> | |
798d3a52 ZJS |
867 | </example> |
868 | <example> | |
681eb9cf | 869 | <title>&pkgsysconfdir;/network/ipip.netdev</title> |
798d3a52 | 870 | <programlisting>[NetDev] |
b35a2909 TG |
871 | Name=ipip-tun |
872 | Kind=ipip | |
873 | MTUBytes=1480 | |
874 | ||
875 | [Tunnel] | |
876 | Local=192.168.223.238 | |
877 | Remote=192.169.224.239 | |
878 | TTL=64</programlisting> | |
798d3a52 ZJS |
879 | </example> |
880 | <example> | |
681eb9cf | 881 | <title>&pkgsysconfdir;/network/tap.netdev</title> |
798d3a52 | 882 | <programlisting>[NetDev] |
30ae9dfd SS |
883 | Name=tap-test |
884 | Kind=tap | |
885 | ||
886 | [Tap] | |
887 | MultiQueue=true | |
888 | PacketInfo=true</programlisting> </example> | |
eac684ef | 889 | |
798d3a52 | 890 | <example> |
681eb9cf | 891 | <title>&pkgsysconfdir;/network/sit.netdev</title> |
798d3a52 | 892 | <programlisting>[NetDev] |
b35a2909 TG |
893 | Name=sit-tun |
894 | Kind=sit | |
895 | MTUBytes=1480 | |
896 | ||
897 | [Tunnel] | |
898 | Local=10.65.223.238 | |
899 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 900 | </example> |
eac684ef | 901 | |
798d3a52 | 902 | <example> |
681eb9cf | 903 | <title>&pkgsysconfdir;/network/gre.netdev</title> |
798d3a52 | 904 | <programlisting>[NetDev] |
b35a2909 TG |
905 | Name=gre-tun |
906 | Kind=gre | |
907 | MTUBytes=1480 | |
908 | ||
909 | [Tunnel] | |
910 | Local=10.65.223.238 | |
911 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 912 | </example> |
b35a2909 | 913 | |
798d3a52 | 914 | <example> |
681eb9cf | 915 | <title>&pkgsysconfdir;/network/vti.netdev</title> |
b35a2909 | 916 | |
798d3a52 | 917 | <programlisting>[NetDev] |
b35a2909 TG |
918 | Name=vti-tun |
919 | Kind=vti | |
920 | MTUBytes=1480 | |
921 | ||
922 | [Tunnel] | |
923 | Local=10.65.223.238 | |
924 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 925 | </example> |
b35a2909 | 926 | |
798d3a52 | 927 | <example> |
681eb9cf | 928 | <title>&pkgsysconfdir;/network/veth.netdev</title> |
798d3a52 | 929 | <programlisting>[NetDev] |
b35a2909 TG |
930 | Name=veth-test |
931 | Kind=veth | |
932 | ||
933 | [Peer] | |
934 | Name=veth-peer</programlisting> | |
798d3a52 | 935 | </example> |
b35a2909 | 936 | |
798d3a52 | 937 | <example> |
681eb9cf | 938 | <title>&pkgsysconfdir;/network/dummy.netdev</title> |
798d3a52 | 939 | <programlisting>[NetDev] |
9e358851 TG |
940 | Name=dummy-test |
941 | Kind=dummy | |
942 | MACAddress=12:34:56:78:9a:bc</programlisting> | |
798d3a52 ZJS |
943 | </example> |
944 | ||
945 | </refsect1> | |
946 | <refsect1> | |
947 | <title>See Also</title> | |
948 | <para> | |
949 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
950 | <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
951 | <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
952 | <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
953 | </para> | |
954 | </refsect1> | |
eac684ef TG |
955 | |
956 | </refentry> |