]>
Commit | Line | Data |
---|---|---|
eac684ef TG |
1 | <?xml version='1.0'?> <!--*-nxml-*--> |
2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
12b42c76 | 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
eac684ef TG |
4 | |
5 | <!-- | |
6 | This file is part of systemd. | |
7 | ||
8 | Copyright 2013 Tom Gundersen | |
9 | ||
10 | systemd is free software; you can redistribute it and/or modify it | |
11 | under the terms of the GNU Lesser General Public License as published by | |
12 | the Free Software Foundation; either version 2.1 of the License, or | |
13 | (at your option) any later version. | |
14 | ||
15 | systemd is distributed in the hope that it will be useful, but | |
16 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
18 | Lesser General Public License for more details. | |
19 | ||
20 | You should have received a copy of the GNU Lesser General Public License | |
21 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
22 | --> | |
23 | ||
24 | <refentry id="systemd.netdev" conditional='ENABLE_NETWORKD'> | |
25 | ||
798d3a52 ZJS |
26 | <refentryinfo> |
27 | <title>systemd.network</title> | |
28 | <productname>systemd</productname> | |
29 | ||
30 | <authorgroup> | |
31 | <author> | |
32 | <contrib>Developer</contrib> | |
33 | <firstname>Tom</firstname> | |
34 | <surname>Gundersen</surname> | |
35 | <email>teg@jklm.no</email> | |
36 | </author> | |
37 | </authorgroup> | |
38 | </refentryinfo> | |
39 | ||
40 | <refmeta> | |
41 | <refentrytitle>systemd.netdev</refentrytitle> | |
42 | <manvolnum>5</manvolnum> | |
43 | </refmeta> | |
44 | ||
45 | <refnamediv> | |
46 | <refname>systemd.netdev</refname> | |
47 | <refpurpose>Virtual Network Device configuration</refpurpose> | |
48 | </refnamediv> | |
49 | ||
50 | <refsynopsisdiv> | |
51 | <para><filename><replaceable>netdev</replaceable>.netdev</filename></para> | |
52 | </refsynopsisdiv> | |
53 | ||
54 | <refsect1> | |
55 | <title>Description</title> | |
56 | ||
57 | <para>Network setup is performed by | |
58 | <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. | |
59 | </para> | |
60 | ||
bac150e9 ZJS |
61 | <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>; |
62 | other extensions are ignored. Virtual network devices are created as soon as networkd is | |
63 | started. If a netdev with the specified name already exists, networkd will use that as-is rather | |
64 | than create its own. Note that the settings of the pre-existing netdev will not be changed by | |
798d3a52 ZJS |
65 | networkd.</para> |
66 | ||
bac150e9 ZJS |
67 | <para>The <filename>.netdev</filename> files are read from the files located in the system |
68 | network directory <filename>/usr/lib/systemd/network</filename>, the volatile runtime network | |
69 | directory <filename>/run/systemd/network</filename> and the local administration network | |
70 | directory <filename>/etc/systemd/network</filename>. All configuration files are collectively | |
71 | sorted and processed in lexical order, regardless of the directories in which they live. | |
72 | However, files with identical filenames replace each other. Files in <filename>/etc</filename> | |
73 | have the highest priority, files in <filename>/run</filename> take precedence over files with | |
74 | the same name in <filename>/usr/lib</filename>. This can be used to override a system-supplied | |
75 | configuration file with a local file if needed. As a special case, an empty file (file size 0) | |
76 | or symlink with the same name pointing to <filename>/dev/null</filename> disables the | |
77 | configuration file entirely (it is "masked").</para> | |
78 | ||
79 | <para>Along with the netdev file <filename>foo.netdev</filename>, a "drop-in" directory | |
80 | <filename>foo.netdev.d/</filename> may exist. All files with the suffix <literal>.conf</literal> | |
81 | from this directory will be parsed after the file itself is parsed. This is useful to alter or | |
82 | add configuration settings, without having to modify the main configuration file. Each drop-in | |
83 | file must have appropriate section headers.</para> | |
84 | ||
85 | <para>In addition to <filename>/etc/systemd/network</filename>, drop-in <literal>.d</literal> | |
86 | directories can be placed in <filename>/usr/lib/systemd/network</filename> or | |
87 | <filename>/run/systemd/network</filename> directories. Drop-in files in | |
88 | <filename>/etc</filename> take precedence over those in <filename>/run</filename> which in turn | |
89 | take precedence over those in <filename>/usr/lib</filename>. Drop-in files under any of these | |
90 | directories take precedence over the main netdev file wherever located. (Of course, since | |
91 | <filename>/run</filename> is temporary and <filename>/usr/lib</filename> is for vendors, it is | |
92 | unlikely drop-ins should be used in either of those places.)</para> | |
798d3a52 ZJS |
93 | </refsect1> |
94 | ||
95 | <refsect1> | |
96 | <title>Supported netdev kinds</title> | |
97 | ||
98 | <para>The following kinds of virtual network devices may be | |
99 | configured in <filename>.netdev</filename> files:</para> | |
100 | ||
101 | <table> | |
102 | <title>Supported kinds of virtual network devices</title> | |
103 | ||
104 | <tgroup cols='2'> | |
105 | <colspec colname='kind' /> | |
106 | <colspec colname='explanation' /> | |
107 | <thead><row> | |
108 | <entry>Kind</entry> | |
109 | <entry>Description</entry> | |
110 | </row></thead> | |
111 | <tbody> | |
112 | <row><entry><varname>bond</varname></entry> | |
113 | <entry>A bond device is an aggregation of all its slave devices. See <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">Linux Ethernet Bonding Driver HOWTO</ulink> for details.Local configuration</entry></row> | |
114 | ||
115 | <row><entry><varname>bridge</varname></entry> | |
a8eaaee7 | 116 | <entry>A bridge device is a software switch, and each of its slave devices and the bridge itself are ports of the switch.</entry></row> |
798d3a52 ZJS |
117 | |
118 | <row><entry><varname>dummy</varname></entry> | |
119 | <entry>A dummy device drops all packets sent to it.</entry></row> | |
120 | ||
121 | <row><entry><varname>gre</varname></entry> | |
122 | <entry>A Level 3 GRE tunnel over IPv4. See <ulink url="https://tools.ietf.org/html/rfc2784">RFC 2784</ulink> for details.</entry></row> | |
123 | ||
124 | <row><entry><varname>gretap</varname></entry> | |
125 | <entry>A Level 2 GRE tunnel over IPv4.</entry></row> | |
126 | ||
127 | <row><entry><varname>ip6gre</varname></entry> | |
128 | <entry>A Level 3 GRE tunnel over IPv6.</entry></row> | |
129 | ||
130 | <row><entry><varname>ip6tnl</varname></entry> | |
131 | <entry>An IPv4 or IPv6 tunnel over IPv6</entry></row> | |
132 | ||
133 | <row><entry><varname>ip6gretap</varname></entry> | |
037a3ded | 134 | <entry>A Level 2 GRE tunnel over IPv6.</entry></row> |
798d3a52 ZJS |
135 | |
136 | <row><entry><varname>ipip</varname></entry> | |
137 | <entry>An IPv4 over IPv4 tunnel.</entry></row> | |
138 | ||
139 | <row><entry><varname>ipvlan</varname></entry> | |
140 | <entry>An ipvlan device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row> | |
141 | ||
142 | <row><entry><varname>macvlan</varname></entry> | |
143 | <entry>A macvlan device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row> | |
144 | ||
0371f2df SS |
145 | <row><entry><varname>macvtap</varname></entry> |
146 | <entry>A macvtap device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row> | |
147 | ||
798d3a52 ZJS |
148 | <row><entry><varname>sit</varname></entry> |
149 | <entry>An IPv6 over IPv4 tunnel.</entry></row> | |
150 | ||
151 | <row><entry><varname>tap</varname></entry> | |
152 | <entry>A persistent Level 2 tunnel between a network device and a device node.</entry></row> | |
153 | ||
154 | <row><entry><varname>tun</varname></entry> | |
155 | <entry>A persistent Level 3 tunnel between a network device and a device node.</entry></row> | |
156 | ||
157 | <row><entry><varname>veth</varname></entry> | |
a8eaaee7 | 158 | <entry>An Ethernet tunnel between a pair of network devices.</entry></row> |
798d3a52 ZJS |
159 | |
160 | <row><entry><varname>vlan</varname></entry> | |
161 | <entry>A VLAN is a stacked device which receives packets from its underlying device based on VLAN tagging. See <ulink url="http://www.ieee802.org/1/pages/802.1Q.html">IEEE 802.1Q</ulink> for details.</entry></row> | |
162 | ||
163 | <row><entry><varname>vti</varname></entry> | |
164 | <entry>An IPv4 over IPSec tunnel.</entry></row> | |
165 | ||
5cc0748e SS |
166 | <row><entry><varname>vti6</varname></entry> |
167 | <entry>An IPv6 over IPSec tunnel.</entry></row> | |
168 | ||
798d3a52 ZJS |
169 | <row><entry><varname>vxlan</varname></entry> |
170 | <entry>A virtual extensible LAN (vxlan), for connecting Cloud computing deployments.</entry></row> | |
20897a0d AR |
171 | |
172 | <row><entry><varname>vrf</varname></entry> | |
92c918b0 SS |
173 | <entry>A Virtual Routing and Forwarding (<ulink url="https://www.kernel.org/doc/Documentation/networking/vrf.txt">VRF</ulink>) interface to create separate routing and forwarding domains.</entry></row> |
174 | ||
175 | <row><entry><varname>vcan</varname></entry> | |
ba9fa3bc | 176 | <entry>The virtual CAN driver (vcan). Similar to the network loopback devices, vcan offers a virtual local CAN interface.</entry></row> |
20897a0d | 177 | |
798d3a52 ZJS |
178 | </tbody> |
179 | </tgroup> | |
180 | </table> | |
181 | ||
182 | </refsect1> | |
183 | ||
184 | <refsect1> | |
185 | <title>[Match] Section Options</title> | |
186 | ||
187 | <para>A virtual network device is only created if the | |
188 | <literal>[Match]</literal> section matches the current | |
189 | environment, or if the section is empty. The following keys are | |
190 | accepted:</para> | |
191 | ||
192 | <variablelist class='network-directives'> | |
193 | <varlistentry> | |
194 | <term><varname>Host=</varname></term> | |
195 | <listitem> | |
196 | <para>Matches against the hostname or machine ID of the | |
197 | host. See <literal>ConditionHost=</literal> in | |
198 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
199 | for details. | |
200 | </para> | |
201 | </listitem> | |
202 | </varlistentry> | |
203 | <varlistentry> | |
204 | <term><varname>Virtualization=</varname></term> | |
205 | <listitem> | |
206 | <para>Checks whether the system is executed in a virtualized | |
207 | environment and optionally test whether it is a specific | |
208 | implementation. See | |
209 | <literal>ConditionVirtualization=</literal> in | |
210 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
211 | for details. | |
212 | </para> | |
213 | </listitem> | |
214 | </varlistentry> | |
215 | <varlistentry> | |
216 | <term><varname>KernelCommandLine=</varname></term> | |
217 | <listitem> | |
218 | <para>Checks whether a specific kernel command line option | |
219 | is set (or if prefixed with the exclamation mark unset). See | |
220 | <literal>ConditionKernelCommandLine=</literal> in | |
221 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
222 | for details. | |
223 | </para> | |
224 | </listitem> | |
225 | </varlistentry> | |
226 | <varlistentry> | |
227 | <term><varname>Architecture=</varname></term> | |
228 | <listitem> | |
229 | <para>Checks whether the system is running on a specific | |
230 | architecture. See <literal>ConditionArchitecture=</literal> in | |
231 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
232 | for details. | |
233 | </para> | |
234 | </listitem> | |
235 | </varlistentry> | |
236 | </variablelist> | |
237 | ||
238 | </refsect1> | |
239 | ||
240 | <refsect1> | |
241 | <title>[NetDev] Section Options</title> | |
242 | ||
243 | <para>The <literal>[NetDev]</literal> section accepts the | |
244 | following keys:</para> | |
245 | ||
246 | <variablelist class='network-directives'> | |
247 | <varlistentry> | |
248 | <term><varname>Description=</varname></term> | |
249 | <listitem> | |
250 | <para>A free-form description of the netdev.</para> | |
251 | </listitem> | |
252 | </varlistentry> | |
253 | <varlistentry> | |
254 | <term><varname>Name=</varname></term> | |
255 | <listitem> | |
256 | <para>The interface name used when creating the netdev. | |
257 | This option is compulsory.</para> | |
258 | </listitem> | |
259 | </varlistentry> | |
260 | <varlistentry> | |
261 | <term><varname>Kind=</varname></term> | |
262 | <listitem> | |
263 | <para>The netdev kind. This option is compulsory. See the | |
264 | <literal>Supported netdev kinds</literal> section for the | |
265 | valid keys.</para> | |
266 | </listitem> | |
267 | </varlistentry> | |
268 | <varlistentry> | |
269 | <term><varname>MTUBytes=</varname></term> | |
270 | <listitem> | |
271 | <para>The maximum transmission unit in bytes to set for | |
272 | the device. The usual suffixes K, M, G, are supported and | |
273 | are understood to the base of 1024. This key is not | |
ff9b60f3 | 274 | currently supported for <literal>tun</literal> or |
798d3a52 ZJS |
275 | <literal>tap</literal> devices. |
276 | </para> | |
277 | </listitem> | |
278 | </varlistentry> | |
279 | <varlistentry> | |
280 | <term><varname>MACAddress=</varname></term> | |
281 | <listitem> | |
282 | <para>The MAC address to use for the device. If none is | |
283 | given, one is generated based on the interface name and | |
284 | the | |
285 | <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
ff9b60f3 | 286 | This key is not currently supported for |
798d3a52 ZJS |
287 | <literal>tun</literal> or <literal>tap</literal> devices. |
288 | </para> | |
289 | </listitem> | |
290 | </varlistentry> | |
291 | </variablelist> | |
292 | </refsect1> | |
293 | ||
3428fe07 SS |
294 | <refsect1> |
295 | <title>[Bridge] Section Options</title> | |
296 | ||
297 | <para>The <literal>[Bridge]</literal> section only applies for | |
298 | netdevs of kind <literal>bridge</literal>, and accepts the | |
a8eaaee7 | 299 | following keys:</para> |
3428fe07 SS |
300 | |
301 | <variablelist class='network-directives'> | |
302 | <varlistentry> | |
303 | <term><varname>HelloTimeSec=</varname></term> | |
304 | <listitem> | |
a8eaaee7 | 305 | <para>HelloTimeSec specifies the number of seconds between two hello packets |
3428fe07 SS |
306 | sent out by the root bridge and the designated bridges. Hello packets are |
307 | used to communicate information about the topology throughout the entire | |
308 | bridged local area network.</para> | |
309 | </listitem> | |
310 | </varlistentry> | |
311 | <varlistentry> | |
312 | <term><varname>MaxAgeSec=</varname></term> | |
313 | <listitem> | |
314 | <para>MaxAgeSec specifies the number of seconds of maximum message age. | |
315 | If the last seen (received) hello packet is more than this number of | |
316 | seconds old, the bridge in question will start the takeover procedure | |
317 | in attempt to become the Root Bridge itself.</para> | |
318 | </listitem> | |
319 | </varlistentry> | |
320 | <varlistentry> | |
321 | <term><varname>ForwardDelaySec=</varname></term> | |
322 | <listitem> | |
323 | <para>ForwardDelaySec specifies the number of seconds spent in each | |
324 | of the Listening and Learning states before the Forwarding state is entered.</para> | |
325 | </listitem> | |
326 | </varlistentry> | |
c7440e74 TJ |
327 | <varlistentry> |
328 | <term><varname>AgeingTimeSec=</varname></term> | |
329 | <listitem> | |
330 | <para>This specifies the number of seconds a MAC Address will be kept in | |
d23a0044 | 331 | the forwarding database after having a packet received from this MAC Address.</para> |
c7440e74 TJ |
332 | </listitem> |
333 | </varlistentry> | |
334 | <varlistentry> | |
335 | <term><varname>Priority=</varname></term> | |
336 | <listitem> | |
337 | <para>The priority of the bridge. An integer between 0 and 65535. A lower value | |
338 | means higher priority. The bridge having the lowest priority will be elected as root bridge.</para> | |
339 | </listitem> | |
340 | </varlistentry> | |
341 | <varlistentry> | |
342 | <term><varname>DefaultPVID=</varname></term> | |
343 | <listitem> | |
344 | <para>This specifies the default port VLAN ID of a newly attached bridge port.</para> | |
345 | </listitem> | |
346 | </varlistentry> | |
3fef7a3f SS |
347 | <varlistentry> |
348 | <term><varname>MulticastQuerier=</varname></term> | |
349 | <listitem> | |
350 | <para>A boolean. This setting controls the IFLA_BR_MCAST_QUERIER option in the kernel. | |
351 | If enabled, the kernel will send general ICMP queries from a zero source address. | |
352 | This feature should allow faster convergence on startup, but it causes some | |
353 | multicast-aware switches to misbehave and disrupt forwarding of multicast packets. | |
354 | When unset, the kernel's default setting applies. | |
355 | </para> | |
356 | </listitem> | |
357 | </varlistentry> | |
6df6d898 SS |
358 | <varlistentry> |
359 | <term><varname>MulticastSnooping=</varname></term> | |
360 | <listitem> | |
361 | <para>A boolean. This setting controls the IFLA_BR_MCAST_SNOOPING option in the kernel. | |
362 | If enabled, IGMP snooping monitors the Internet Group Management Protocol (IGMP) traffic | |
363 | between hosts and multicast routers. When unset, the kernel's default setting applies. | |
364 | </para> | |
365 | </listitem> | |
366 | </varlistentry> | |
c6f8d17d TJ |
367 | <varlistentry> |
368 | <term><varname>VLANFiltering=</varname></term> | |
369 | <listitem> | |
370 | <para>A boolean. This setting controls the IFLA_BR_VLAN_FILTERING option in the kernel. | |
371 | If enabled, the bridge will be started in VLAN-filtering mode. When unset, the kernel's | |
372 | default setting applies. | |
373 | </para> | |
374 | </listitem> | |
375 | </varlistentry> | |
b760a9af SS |
376 | <varlistentry> |
377 | <term><varname>STP=</varname></term> | |
378 | <listitem> | |
379 | <para>A boolean. This enables the bridge's Spanning Tree Protocol (STP). When unset, | |
380 | the kernel's default setting applies. | |
381 | </para> | |
382 | </listitem> | |
383 | </varlistentry> | |
3428fe07 | 384 | </variablelist> |
3428fe07 SS |
385 | </refsect1> |
386 | ||
798d3a52 ZJS |
387 | <refsect1> |
388 | <title>[VLAN] Section Options</title> | |
389 | ||
390 | <para>The <literal>[VLAN]</literal> section only applies for | |
391 | netdevs of kind <literal>vlan</literal>, and accepts the | |
392 | following key:</para> | |
393 | ||
394 | <variablelist class='network-directives'> | |
395 | <varlistentry> | |
396 | <term><varname>Id=</varname></term> | |
397 | <listitem> | |
398 | <para>The VLAN ID to use. An integer in the range 0–4094. | |
399 | This option is compulsory.</para> | |
400 | </listitem> | |
401 | </varlistentry> | |
402 | </variablelist> | |
403 | ||
404 | </refsect1> | |
405 | ||
406 | <refsect1> | |
407 | <title>[MACVLAN] Section Options</title> | |
408 | ||
409 | <para>The <literal>[MACVLAN]</literal> section only applies for | |
410 | netdevs of kind <literal>macvlan</literal>, and accepts the | |
411 | following key:</para> | |
412 | ||
413 | <variablelist class='network-directives'> | |
414 | <varlistentry> | |
415 | <term><varname>Mode=</varname></term> | |
416 | <listitem> | |
417 | <para>The MACVLAN mode to use. The supported options are | |
418 | <literal>private</literal>, | |
419 | <literal>vepa</literal>, | |
420 | <literal>bridge</literal>, and | |
421 | <literal>passthru</literal>. | |
422 | </para> | |
423 | </listitem> | |
424 | </varlistentry> | |
425 | </variablelist> | |
426 | ||
427 | </refsect1> | |
428 | ||
0371f2df SS |
429 | <refsect1> |
430 | <title>[MACVTAP] Section Options</title> | |
431 | ||
432 | <para>The <literal>[MACVTAP]</literal> section applies for | |
433 | netdevs of kind <literal>macvtap</literal> and accepts the | |
96d49011 | 434 | same key as <literal>[MACVLAN]</literal>.</para> |
0371f2df SS |
435 | |
436 | </refsect1> | |
437 | ||
798d3a52 ZJS |
438 | <refsect1> |
439 | <title>[IPVLAN] Section Options</title> | |
440 | ||
441 | <para>The <literal>[IPVLAN]</literal> section only applies for | |
442 | netdevs of kind <literal>ipvlan</literal>, and accepts the | |
443 | following key:</para> | |
444 | ||
445 | <variablelist class='network-directives'> | |
446 | <varlistentry> | |
447 | <term><varname>Mode=</varname></term> | |
448 | <listitem> | |
449 | <para>The IPVLAN mode to use. The supported options are | |
450 | <literal>L2</literal> and <literal>L3</literal>. | |
451 | </para> | |
452 | </listitem> | |
453 | </varlistentry> | |
454 | </variablelist> | |
455 | ||
456 | </refsect1> | |
457 | ||
458 | <refsect1> | |
459 | <title>[VXLAN] Section Options</title> | |
460 | <para>The <literal>[VXLAN]</literal> section only applies for | |
461 | netdevs of kind <literal>vxlan</literal>, and accepts the | |
462 | following keys:</para> | |
463 | ||
464 | <variablelist class='network-directives'> | |
465 | <varlistentry> | |
466 | <term><varname>Id=</varname></term> | |
467 | <listitem> | |
468 | <para>The VXLAN ID to use.</para> | |
469 | </listitem> | |
470 | </varlistentry> | |
471 | <varlistentry> | |
472 | <term><varname>Group=</varname></term> | |
473 | <listitem> | |
474 | <para>An assigned multicast group IP address.</para> | |
475 | </listitem> | |
476 | </varlistentry> | |
477 | <varlistentry> | |
478 | <term><varname>TOS=</varname></term> | |
479 | <listitem> | |
480 | <para>The Type Of Service byte value for a vxlan interface.</para> | |
481 | </listitem> | |
482 | </varlistentry> | |
483 | <varlistentry> | |
484 | <term><varname>TTL=</varname></term> | |
485 | <listitem> | |
486 | <para>A fixed Time To Live N on Virtual eXtensible Local | |
b938cb90 | 487 | Area Network packets. N is a number in the range 1–255. 0 |
798d3a52 ZJS |
488 | is a special value meaning that packets inherit the TTL |
489 | value.</para> | |
490 | </listitem> | |
491 | </varlistentry> | |
492 | <varlistentry> | |
493 | <term><varname>MacLearning=</varname></term> | |
494 | <listitem> | |
495 | <para>A boolean. When true, enables dynamic MAC learning | |
496 | to discover remote MAC addresses.</para> | |
497 | </listitem> | |
498 | </varlistentry> | |
499 | <varlistentry> | |
500 | <term><varname>FDBAgeingSec=</varname></term> | |
501 | <listitem> | |
502 | <para>The lifetime of Forwarding Database entry learnt by | |
b938cb90 | 503 | the kernel, in seconds.</para> |
798d3a52 ZJS |
504 | </listitem> |
505 | </varlistentry> | |
506 | <varlistentry> | |
3d276dd2 SS |
507 | <term><varname>MaximumFDBEntries=</varname></term> |
508 | <listitem> | |
509 | <para>Configures maximum number of FDB entries.</para> | |
510 | </listitem> | |
511 | </varlistentry> | |
798d3a52 | 512 | <varlistentry> |
7dd6974c | 513 | <term><varname>ReduceARPProxy=</varname></term> |
798d3a52 | 514 | <listitem> |
7dd6974c SS |
515 | <para>A boolean. When true, bridge-connected VXLAN tunnel |
516 | endpoint answers ARP requests from the local bridge on behalf | |
517 | of remote Distributed Overlay Virtual Ethernet | |
518 | <ulink url="https://en.wikipedia.org/wiki/Distributed_Overlay_Virtual_Ethernet"> | |
519 | (DVOE)</ulink> clients. Defaults to false.</para> | |
798d3a52 ZJS |
520 | </listitem> |
521 | </varlistentry> | |
522 | <varlistentry> | |
523 | <term><varname>L2MissNotification=</varname></term> | |
524 | <listitem> | |
525 | <para>A boolean. When true, enables netlink LLADDR miss | |
526 | notifications.</para> | |
527 | </listitem> | |
528 | </varlistentry> | |
529 | <varlistentry> | |
530 | <term><varname>L3MissNotification=</varname></term> | |
531 | <listitem> | |
a8eaaee7 | 532 | <para>A boolean. When true, enables netlink IP address miss |
798d3a52 ZJS |
533 | notifications.</para> |
534 | </listitem> | |
535 | </varlistentry> | |
536 | <varlistentry> | |
537 | <term><varname>RouteShortCircuit=</varname></term> | |
538 | <listitem> | |
a8eaaee7 | 539 | <para>A boolean. When true, route short circuiting is turned |
798d3a52 ZJS |
540 | on.</para> |
541 | </listitem> | |
542 | </varlistentry> | |
cffacc74 | 543 | <varlistentry> |
53c06862 | 544 | <term><varname>UDPChecksum=</varname></term> |
cffacc74 | 545 | <listitem> |
b938cb90 | 546 | <para>A boolean. When true, transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para> |
cffacc74 SS |
547 | </listitem> |
548 | </varlistentry> | |
549 | <varlistentry> | |
550 | <term><varname>UDP6ZeroChecksumTx=</varname></term> | |
551 | <listitem> | |
b938cb90 | 552 | <para>A boolean. When true, sending zero checksums in VXLAN/IPv6 is turned on.</para> |
cffacc74 SS |
553 | </listitem> |
554 | </varlistentry> | |
555 | <varlistentry> | |
53c06862 | 556 | <term><varname>UDP6ZeroChecksumRx=</varname></term> |
cffacc74 | 557 | <listitem> |
b938cb90 | 558 | <para>A boolean. When true, receiving zero checksums in VXLAN/IPv6 is turned on.</para> |
16441027 SS |
559 | </listitem> |
560 | </varlistentry> | |
561 | <varlistentry> | |
53c06862 | 562 | <term><varname>RemoteChecksumTx=</varname></term> |
16441027 SS |
563 | <listitem> |
564 | <para>A boolean. When true, remote transmit checksum offload of VXLAN is turned on.</para> | |
565 | </listitem> | |
566 | </varlistentry> | |
567 | <varlistentry> | |
53c06862 | 568 | <term><varname>RemoteChecksumRx=</varname></term> |
16441027 SS |
569 | <listitem> |
570 | <para>A boolean. When true, remote receive checksum offload in VXLAN is turned on.</para> | |
cffacc74 SS |
571 | </listitem> |
572 | </varlistentry> | |
8b414e52 SS |
573 | <varlistentry> |
574 | <term><varname>GroupPolicyExtension=</varname></term> | |
575 | <listitem> | |
b938cb90 JE |
576 | <para>A boolean. When true, it enables Group Policy VXLAN extension security label mechanism |
577 | across network peers based on VXLAN. For details about the Group Policy VXLAN, see the | |
8b414e52 SS |
578 | <ulink url="https://tools.ietf.org/html/draft-smith-vxlan-group-policy"> |
579 | VXLAN Group Policy </ulink> document. Defaults to false.</para> | |
580 | </listitem> | |
581 | </varlistentry> | |
ea0288d1 SS |
582 | <varlistentry> |
583 | <term><varname>DestinationPort=</varname></term> | |
584 | <listitem> | |
585 | <para>Configures the default destination UDP port on a per-device basis. | |
586 | If destination port is not specified then Linux kernel default will be used. | |
587 | Set destination port 4789 to get the IANA assigned value, | |
588 | and destination port 0 to get default values.</para> | |
589 | </listitem> | |
590 | </varlistentry> | |
591 | <varlistentry> | |
592 | <term><varname>PortRange=</varname></term> | |
593 | <listitem> | |
594 | <para>Configures VXLAN port range. VXLAN bases source | |
595 | UDP port based on flow to help the receiver to be able | |
596 | to load balance based on outer header flow. It | |
597 | restricts the port range to the normal UDP local | |
598 | ports, and allows overriding via configuration.</para> | |
599 | </listitem> | |
600 | </varlistentry> | |
798d3a52 ZJS |
601 | </variablelist> |
602 | </refsect1> | |
603 | <refsect1> | |
604 | <title>[Tunnel] Section Options</title> | |
605 | ||
606 | <para>The <literal>[Tunnel]</literal> section only applies for | |
607 | netdevs of kind | |
608 | <literal>ipip</literal>, | |
609 | <literal>sit</literal>, | |
610 | <literal>gre</literal>, | |
611 | <literal>gretap</literal>, | |
612 | <literal>ip6gre</literal>, | |
613 | <literal>ip6gretap</literal>, | |
5cc0748e SS |
614 | <literal>vti</literal>, |
615 | <literal>vti6</literal>, and | |
798d3a52 ZJS |
616 | <literal>ip6tnl</literal> and accepts |
617 | the following keys:</para> | |
618 | ||
619 | <variablelist class='network-directives'> | |
620 | <varlistentry> | |
621 | <term><varname>Local=</varname></term> | |
622 | <listitem> | |
623 | <para>A static local address for tunneled packets. It must | |
624 | be an address on another interface of this host.</para> | |
625 | </listitem> | |
626 | </varlistentry> | |
627 | <varlistentry> | |
628 | <term><varname>Remote=</varname></term> | |
629 | <listitem> | |
630 | <para>The remote endpoint of the tunnel.</para> | |
631 | </listitem> | |
632 | </varlistentry> | |
633 | <varlistentry> | |
634 | <term><varname>TOS=</varname></term> | |
635 | <listitem> | |
636 | <para>The Type Of Service byte value for a tunnel interface. | |
b938cb90 | 637 | For details about the TOS, see the |
798d3a52 ZJS |
638 | <ulink url="http://tools.ietf.org/html/rfc1349"> Type of |
639 | Service in the Internet Protocol Suite </ulink> document. | |
640 | </para> | |
641 | </listitem> | |
642 | </varlistentry> | |
643 | <varlistentry> | |
644 | <term><varname>TTL=</varname></term> | |
645 | <listitem> | |
646 | <para>A fixed Time To Live N on tunneled packets. N is a | |
b938cb90 | 647 | number in the range 1–255. 0 is a special value meaning that |
798d3a52 | 648 | packets inherit the TTL value. The default value for IPv4 |
b938cb90 | 649 | tunnels is: inherit. The default value for IPv6 tunnels is |
798d3a52 ZJS |
650 | 64.</para> |
651 | </listitem> | |
652 | </varlistentry> | |
653 | <varlistentry> | |
654 | <term><varname>DiscoverPathMTU=</varname></term> | |
655 | <listitem> | |
656 | <para>A boolean. When true, enables Path MTU Discovery on | |
657 | the tunnel.</para> | |
658 | </listitem> | |
659 | </varlistentry> | |
276de526 SS |
660 | <varlistentry> |
661 | <term><varname>IPv6FlowLabel=</varname></term> | |
662 | <listitem> | |
a8eaaee7 | 663 | <para>Configures the 20-bit flow label (see <ulink url="https://tools.ietf.org/html/rfc6437"> |
276de526 | 664 | RFC 6437</ulink>) field in the IPv6 header (see <ulink url="https://tools.ietf.org/html/rfc2460"> |
a8eaaee7 JE |
665 | RFC 2460</ulink>), which is used by a node to label packets of a flow. |
666 | It is only used for IPv6 tunnels. | |
667 | A flow label of zero is used to indicate packets that have | |
668 | not been labeled. | |
669 | It can be configured to a value in the range 0–0xFFFFF, or be | |
670 | set to <literal>inherit</literal>, in which case the original flowlabel is used.</para> | |
276de526 SS |
671 | </listitem> |
672 | </varlistentry> | |
9b0ca30a | 673 | <varlistentry> |
a9b70f9d | 674 | <term><varname>CopyDSCP=</varname></term> |
9b0ca30a | 675 | <listitem> |
3cf4bcab ZJS |
676 | <para>A boolean. When true, the Differentiated Service Code |
677 | Point (DSCP) field will be copied to the inner header from | |
a9b70f9d | 678 | outer header during the decapsulation of an IPv6 tunnel |
3cf4bcab ZJS |
679 | packet. DSCP is a field in an IP packet that enables different |
680 | levels of service to be assigned to network traffic. | |
681 | Defaults to <literal>no</literal>. | |
9b0ca30a SS |
682 | </para> |
683 | </listitem> | |
684 | </varlistentry> | |
dae398a8 SS |
685 | <varlistentry> |
686 | <term><varname>EncapsulationLimit=</varname></term> | |
687 | <listitem> | |
688 | <para>The Tunnel Encapsulation Limit option specifies how many additional | |
689 | levels of encapsulation are permitted to be prepended to the packet. | |
690 | For example, a Tunnel Encapsulation Limit option containing a limit | |
691 | value of zero means that a packet carrying that option may not enter | |
692 | another tunnel before exiting the current tunnel. | |
693 | (see <ulink url="https://tools.ietf.org/html/rfc2473#section-4.1.1"> RFC 2473</ulink>). | |
b938cb90 | 694 | The valid range is 0–255 and <literal>none</literal>. Defaults to 4. |
dae398a8 SS |
695 | </para> |
696 | </listitem> | |
697 | </varlistentry> | |
1d710029 SS |
698 | <varlistentry> |
699 | <term><varname>Key=</varname></term> | |
700 | <listitem> | |
701 | <para>The <varname>Key=</varname> parameter specifies the same key to use in | |
702 | both directions (<varname>InputKey=</varname> and <varname>OutputKey=</varname>). | |
703 | The <varname>Key=</varname> is either a number or an IPv4 address-like dotted quad. | |
704 | It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data | |
705 | and control path) in ip xfrm (framework used to implement IPsec protocol). | |
706 | See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html"> | |
e306f2df | 707 | ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6 |
1d710029 SS |
708 | tunnels.</para> |
709 | </listitem> | |
710 | </varlistentry> | |
711 | <varlistentry> | |
712 | <term><varname>InputKey=</varname></term> | |
713 | <listitem> | |
714 | <para>The <varname>InputKey=</varname> parameter specifies the key to use for input. | |
715 | The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para> | |
716 | </listitem> | |
717 | </varlistentry> | |
718 | <varlistentry> | |
719 | <term><varname>OutputKey=</varname></term> | |
720 | <listitem> | |
721 | <para>The <varname>OutputKey=</varname> parameter specifies the key to use for output. | |
722 | The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para> | |
723 | </listitem> | |
724 | </varlistentry> | |
798d3a52 ZJS |
725 | <varlistentry> |
726 | <term><varname>Mode=</varname></term> | |
727 | <listitem> | |
a8eaaee7 | 728 | <para>An <literal>ip6tnl</literal> tunnel can be in one of three |
798d3a52 ZJS |
729 | modes |
730 | <literal>ip6ip6</literal> for IPv6 over IPv6, | |
731 | <literal>ipip6</literal> for IPv4 over IPv6 or | |
732 | <literal>any</literal> for either. | |
733 | </para> | |
734 | </listitem> | |
735 | </varlistentry> | |
736 | </variablelist> | |
737 | </refsect1> | |
738 | <refsect1> | |
739 | <title>[Peer] Section Options</title> | |
740 | ||
741 | <para>The <literal>[Peer]</literal> section only applies for | |
742 | netdevs of kind <literal>veth</literal> and accepts the | |
a8eaaee7 | 743 | following keys:</para> |
798d3a52 ZJS |
744 | |
745 | <variablelist class='network-directives'> | |
746 | <varlistentry> | |
747 | <term><varname>Name=</varname></term> | |
748 | <listitem> | |
749 | <para>The interface name used when creating the netdev. | |
750 | This option is compulsory.</para> | |
751 | </listitem> | |
752 | </varlistentry> | |
753 | <varlistentry> | |
754 | <term><varname>MACAddress=</varname></term> | |
755 | <listitem> | |
b938cb90 | 756 | <para>The peer MACAddress, if not set, it is generated in |
798d3a52 ZJS |
757 | the same way as the MAC address of the main |
758 | interface.</para> | |
759 | </listitem> | |
760 | </varlistentry> | |
761 | </variablelist> | |
762 | </refsect1> | |
763 | <refsect1> | |
764 | <title>[Tun] Section Options</title> | |
765 | ||
766 | <para>The <literal>[Tun]</literal> section only applies for | |
767 | netdevs of kind <literal>tun</literal>, and accepts the following | |
768 | keys:</para> | |
769 | ||
770 | <variablelist class='network-directives'> | |
771 | <varlistentry> | |
772 | <term><varname>OneQueue=</varname></term> | |
773 | <listitem><para>Takes a boolean argument. Configures whether | |
774 | all packets are queued at the device (enabled), or a fixed | |
775 | number of packets are queued at the device and the rest at the | |
776 | <literal>qdisc</literal>. Defaults to | |
777 | <literal>no</literal>.</para> | |
778 | </listitem> | |
779 | </varlistentry> | |
780 | <varlistentry> | |
781 | <term><varname>MultiQueue=</varname></term> | |
782 | <listitem><para>Takes a boolean argument. Configures whether | |
783 | to use multiple file descriptors (queues) to parallelize | |
784 | packets sending and receiving. Defaults to | |
785 | <literal>no</literal>.</para> | |
786 | </listitem> | |
787 | </varlistentry> | |
788 | <varlistentry> | |
789 | <term><varname>PacketInfo=</varname></term> | |
790 | <listitem><para>Takes a boolean argument. Configures whether | |
ff9b60f3 | 791 | packets should be prepended with four extra bytes (two flag |
b938cb90 | 792 | bytes and two protocol bytes). If disabled, it indicates that |
798d3a52 ZJS |
793 | the packets will be pure IP packets. Defaults to |
794 | <literal>no</literal>.</para> | |
795 | </listitem> | |
796 | </varlistentry> | |
43f78da4 | 797 | <varlistentry> |
2aba142e | 798 | <term><varname>VNetHeader=</varname></term> |
43f78da4 SS |
799 | <listitem><para>Takes a boolean argument. Configures |
800 | IFF_VNET_HDR flag for a tap device. It allows sending | |
801 | and receiving larger Generic Segmentation Offload (GSO) | |
802 | packets. This may increase throughput significantly. | |
803 | Defaults to | |
804 | <literal>no</literal>.</para> | |
805 | </listitem> | |
806 | </varlistentry> | |
798d3a52 ZJS |
807 | <varlistentry> |
808 | <term><varname>User=</varname></term> | |
809 | <listitem><para>User to grant access to the | |
810 | <filename>/dev/net/tun</filename> device.</para> | |
811 | </listitem> | |
812 | </varlistentry> | |
813 | <varlistentry> | |
814 | <term><varname>Group=</varname></term> | |
815 | <listitem><para>Group to grant access to the | |
816 | <filename>/dev/net/tun</filename> device.</para> | |
817 | </listitem> | |
818 | </varlistentry> | |
819 | ||
820 | </variablelist> | |
821 | ||
822 | </refsect1> | |
823 | ||
824 | <refsect1> | |
825 | <title>[Tap] Section Options</title> | |
826 | ||
827 | <para>The <literal>[Tap]</literal> section only applies for | |
828 | netdevs of kind <literal>tap</literal>, and accepts the same keys | |
829 | as the <literal>[Tun]</literal> section.</para> | |
830 | </refsect1> | |
831 | ||
832 | <refsect1> | |
833 | <title>[Bond] Section Options</title> | |
834 | ||
835 | <para>The <literal>[Bond]</literal> section accepts the following | |
836 | key:</para> | |
837 | ||
838 | <variablelist class='network-directives'> | |
839 | <varlistentry> | |
840 | <term><varname>Mode=</varname></term> | |
841 | <listitem> | |
842 | <para>Specifies one of the bonding policies. The default is | |
843 | <literal>balance-rr</literal> (round robin). Possible values are | |
844 | <literal>balance-rr</literal>, | |
845 | <literal>active-backup</literal>, | |
846 | <literal>balance-xor</literal>, | |
847 | <literal>broadcast</literal>, | |
848 | <literal>802.3ad</literal>, | |
849 | <literal>balance-tlb</literal>, and | |
850 | <literal>balance-alb</literal>. | |
851 | </para> | |
852 | </listitem> | |
853 | </varlistentry> | |
854 | ||
855 | <varlistentry> | |
856 | <term><varname>TransmitHashPolicy=</varname></term> | |
857 | <listitem> | |
858 | <para>Selects the transmit hash policy to use for slave | |
859 | selection in balance-xor, 802.3ad, and tlb modes. Possible | |
860 | values are | |
861 | <literal>layer2</literal>, | |
862 | <literal>layer3+4</literal>, | |
863 | <literal>layer2+3</literal>, | |
4d89618a | 864 | <literal>encap2+3</literal>, and |
798d3a52 ZJS |
865 | <literal>encap3+4</literal>. |
866 | </para> | |
867 | </listitem> | |
868 | </varlistentry> | |
869 | ||
870 | <varlistentry> | |
871 | <term><varname>LACPTransmitRate=</varname></term> | |
872 | <listitem> | |
873 | <para>Specifies the rate with which link partner transmits | |
874 | Link Aggregation Control Protocol Data Unit packets in | |
875 | 802.3ad mode. Possible values are <literal>slow</literal>, | |
876 | which requests partner to transmit LACPDUs every 30 seconds, | |
877 | and <literal>fast</literal>, which requests partner to | |
878 | transmit LACPDUs every second. The default value is | |
879 | <literal>slow</literal>.</para> | |
880 | </listitem> | |
881 | </varlistentry> | |
882 | ||
883 | <varlistentry> | |
884 | <term><varname>MIIMonitorSec=</varname></term> | |
885 | <listitem> | |
886 | <para>Specifies the frequency that Media Independent | |
887 | Interface link monitoring will occur. A value of zero | |
dd2b607b | 888 | disables MII link monitoring. This value is rounded down to |
798d3a52 ZJS |
889 | the nearest millisecond. The default value is 0.</para> |
890 | </listitem> | |
891 | </varlistentry> | |
892 | ||
893 | <varlistentry> | |
894 | <term><varname>UpDelaySec=</varname></term> | |
895 | <listitem> | |
896 | <para>Specifies the delay before a link is enabled after a | |
897 | link up status has been detected. This value is rounded down | |
898 | to a multiple of MIIMonitorSec. The default value is | |
899 | 0.</para> | |
900 | </listitem> | |
901 | </varlistentry> | |
902 | ||
903 | <varlistentry> | |
904 | <term><varname>DownDelaySec=</varname></term> | |
905 | <listitem> | |
906 | <para>Specifies the delay before a link is disabled after a | |
907 | link down status has been detected. This value is rounded | |
908 | down to a multiple of MIIMonitorSec. The default value is | |
909 | 0.</para> | |
910 | </listitem> | |
911 | </varlistentry> | |
912 | ||
81bd37a8 | 913 | <varlistentry> |
38422da7 | 914 | <term><varname>LearnPacketIntervalSec=</varname></term> |
81bd37a8 SS |
915 | <listitem> |
916 | <para>Specifies the number of seconds between instances where the bonding | |
a8eaaee7 JE |
917 | driver sends learning packets to each slave peer switch. |
918 | The valid range is 1–0x7fffffff; the default value is 1. This option | |
919 | has an effect only for the balance-tlb and balance-alb modes.</para> | |
81bd37a8 SS |
920 | </listitem> |
921 | </varlistentry> | |
922 | ||
923 | <varlistentry> | |
924 | <term><varname>AdSelect=</varname></term> | |
925 | <listitem> | |
926 | <para>Specifies the 802.3ad aggregation selection logic to use. Possible values are | |
927 | <literal>stable</literal>, | |
a8eaaee7 JE |
928 | <literal>bandwidth</literal> and |
929 | <literal>count</literal>. | |
81bd37a8 SS |
930 | </para> |
931 | </listitem> | |
932 | </varlistentry> | |
933 | ||
934 | <varlistentry> | |
38422da7 | 935 | <term><varname>FailOverMACPolicy=</varname></term> |
81bd37a8 | 936 | <listitem> |
a8eaaee7 JE |
937 | <para>Specifies whether the active-backup mode should set all slaves to |
938 | the same MAC address at the time of enslavement or, when enabled, to perform special handling of the | |
81bd37a8 SS |
939 | bond's MAC address in accordance with the selected policy. The default policy is none. |
940 | Possible values are | |
941 | <literal>none</literal>, | |
a8eaaee7 JE |
942 | <literal>active</literal> and |
943 | <literal>follow</literal>. | |
81bd37a8 SS |
944 | </para> |
945 | </listitem> | |
946 | </varlistentry> | |
947 | ||
948 | <varlistentry> | |
38422da7 | 949 | <term><varname>ARPValidate=</varname></term> |
81bd37a8 SS |
950 | <listitem> |
951 | <para>Specifies whether or not ARP probes and replies should be | |
38422da7 | 952 | validated in any mode that supports ARP monitoring, or whether |
81bd37a8 SS |
953 | non-ARP traffic should be filtered (disregarded) for link |
954 | monitoring purposes. Possible values are | |
955 | <literal>none</literal>, | |
956 | <literal>active</literal>, | |
a8eaaee7 JE |
957 | <literal>backup</literal> and |
958 | <literal>all</literal>. | |
81bd37a8 SS |
959 | </para> |
960 | </listitem> | |
961 | </varlistentry> | |
962 | ||
963 | <varlistentry> | |
38422da7 | 964 | <term><varname>ARPIntervalSec=</varname></term> |
81bd37a8 SS |
965 | <listitem> |
966 | <para>Specifies the ARP link monitoring frequency in milliseconds. | |
967 | A value of 0 disables ARP monitoring. The default value is 0. | |
968 | </para> | |
969 | </listitem> | |
970 | </varlistentry> | |
971 | ||
972 | <varlistentry> | |
38422da7 | 973 | <term><varname>ARPIPTargets=</varname></term> |
81bd37a8 SS |
974 | <listitem> |
975 | <para>Specifies the IP addresses to use as ARP monitoring peers when | |
38422da7 | 976 | ARPIntervalSec is greater than 0. These are the targets of the ARP request |
81bd37a8 | 977 | sent to determine the health of the link to the targets. |
a8eaaee7 | 978 | Specify these values in IPv4 dotted decimal format. At least one IP |
81bd37a8 SS |
979 | address must be given for ARP monitoring to function. The |
980 | maximum number of targets that can be specified is 16. The | |
981 | default value is no IP addresses. | |
982 | </para> | |
983 | </listitem> | |
984 | </varlistentry> | |
985 | ||
986 | <varlistentry> | |
38422da7 | 987 | <term><varname>ARPAllTargets=</varname></term> |
81bd37a8 | 988 | <listitem> |
38422da7 | 989 | <para>Specifies the quantity of ARPIPTargets that must be reachable |
81bd37a8 SS |
990 | in order for the ARP monitor to consider a slave as being up. |
991 | This option affects only active-backup mode for slaves with | |
38422da7 | 992 | ARPValidate enabled. Possible values are |
a8eaaee7 JE |
993 | <literal>any</literal> and |
994 | <literal>all</literal>. | |
81bd37a8 SS |
995 | </para> |
996 | </listitem> | |
997 | </varlistentry> | |
998 | ||
999 | <varlistentry> | |
38422da7 | 1000 | <term><varname>PrimaryReselectPolicy=</varname></term> |
81bd37a8 SS |
1001 | <listitem> |
1002 | <para>Specifies the reselection policy for the primary slave. This | |
1003 | affects how the primary slave is chosen to become the active slave | |
1004 | when failure of the active slave or recovery of the primary slave | |
1005 | occurs. This option is designed to prevent flip-flopping between | |
1006 | the primary slave and other slaves. Possible values are | |
1007 | <literal>always</literal>, | |
a8eaaee7 JE |
1008 | <literal>better</literal> and |
1009 | <literal>failure</literal>. | |
81bd37a8 SS |
1010 | </para> |
1011 | </listitem> | |
1012 | </varlistentry> | |
1013 | ||
1014 | <varlistentry> | |
1015 | <term><varname>ResendIGMP=</varname></term> | |
1016 | <listitem> | |
1017 | <para>Specifies the number of IGMP membership reports to be issued after | |
1018 | a failover event. One membership report is issued immediately after | |
1019 | the failover, subsequent packets are sent in each 200ms interval. | |
b938cb90 | 1020 | The valid range is 0–255. Defaults to 1. A value of 0 |
81bd37a8 SS |
1021 | prevents the IGMP membership report from being issued in response |
1022 | to the failover event. | |
1023 | </para> | |
1024 | </listitem> | |
1025 | </varlistentry> | |
1026 | ||
1027 | <varlistentry> | |
1028 | <term><varname>PacketsPerSlave=</varname></term> | |
1029 | <listitem> | |
b938cb90 JE |
1030 | <para>Specify the number of packets to transmit through a slave before |
1031 | moving to the next one. When set to 0, then a slave is chosen at | |
1032 | random. The valid range is 0–65535. Defaults to 1. This option | |
a8eaaee7 | 1033 | only has effect when in balance-rr mode. |
81bd37a8 SS |
1034 | </para> |
1035 | </listitem> | |
1036 | </varlistentry> | |
1037 | ||
1038 | <varlistentry> | |
38422da7 | 1039 | <term><varname>GratuitousARP=</varname></term> |
81bd37a8 SS |
1040 | <listitem> |
1041 | <para>Specify the number of peer notifications (gratuitous ARPs and | |
1042 | unsolicited IPv6 Neighbor Advertisements) to be issued after a | |
b938cb90 | 1043 | failover event. As soon as the link is up on the new slave, |
81bd37a8 SS |
1044 | a peer notification is sent on the bonding device and each |
1045 | VLAN sub-device. This is repeated at each link monitor interval | |
38422da7 | 1046 | (ARPIntervalSec or MIIMonitorSec, whichever is active) if the number is |
a8eaaee7 | 1047 | greater than 1. The valid range is 0–255. The default value is 1. |
38422da7 | 1048 | These options affect only the active-backup mode. |
81bd37a8 SS |
1049 | </para> |
1050 | </listitem> | |
1051 | </varlistentry> | |
1052 | ||
1053 | <varlistentry> | |
1054 | <term><varname>AllSlavesActive=</varname></term> | |
1055 | <listitem> | |
a8eaaee7 JE |
1056 | <para>A boolean. Specifies that duplicate frames (received on inactive ports) |
1057 | should be dropped when false, or delivered when true. Normally, bonding will drop | |
81bd37a8 SS |
1058 | duplicate frames (received on inactive ports), which is desirable for |
1059 | most users. But there are some times it is nice to allow duplicate | |
1060 | frames to be delivered. The default value is false (drop duplicate frames | |
1061 | received on inactive ports). | |
1062 | </para> | |
1063 | </listitem> | |
1064 | </varlistentry> | |
1065 | ||
1066 | <varlistentry> | |
1067 | <term><varname>MinLinks=</varname></term> | |
1068 | <listitem> | |
1069 | <para>Specifies the minimum number of links that must be active before | |
1070 | asserting carrier. The default value is 0. | |
1071 | </para> | |
1072 | </listitem> | |
1073 | </varlistentry> | |
1074 | ||
798d3a52 | 1075 | </variablelist> |
81bd37a8 SS |
1076 | |
1077 | <para>For more detail information see | |
1078 | <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt"> | |
1079 | Linux Ethernet Bonding Driver HOWTO</ulink></para> | |
1080 | ||
798d3a52 ZJS |
1081 | </refsect1> |
1082 | ||
1083 | <refsect1> | |
1084 | <title>Example</title> | |
1085 | <example> | |
6c1695be | 1086 | <title>/etc/systemd/network/25-bridge.netdev</title> |
798d3a52 ZJS |
1087 | |
1088 | <programlisting>[NetDev] | |
eac684ef TG |
1089 | Name=bridge0 |
1090 | Kind=bridge</programlisting> | |
798d3a52 | 1091 | </example> |
eac684ef | 1092 | |
798d3a52 | 1093 | <example> |
6c1695be | 1094 | <title>/etc/systemd/network/25-vlan1.netdev</title> |
eac684ef | 1095 | |
798d3a52 | 1096 | <programlisting>[Match] |
eac684ef TG |
1097 | Virtualization=no |
1098 | ||
1099 | [NetDev] | |
1100 | Name=vlan1 | |
1101 | Kind=vlan | |
1102 | ||
1103 | [VLAN] | |
1104 | Id=1</programlisting> | |
798d3a52 ZJS |
1105 | </example> |
1106 | <example> | |
6c1695be | 1107 | <title>/etc/systemd/network/25-ipip.netdev</title> |
798d3a52 | 1108 | <programlisting>[NetDev] |
b35a2909 TG |
1109 | Name=ipip-tun |
1110 | Kind=ipip | |
1111 | MTUBytes=1480 | |
1112 | ||
1113 | [Tunnel] | |
1114 | Local=192.168.223.238 | |
1115 | Remote=192.169.224.239 | |
1116 | TTL=64</programlisting> | |
798d3a52 ZJS |
1117 | </example> |
1118 | <example> | |
6c1695be | 1119 | <title>/etc/systemd/network/25-tap.netdev</title> |
798d3a52 | 1120 | <programlisting>[NetDev] |
30ae9dfd SS |
1121 | Name=tap-test |
1122 | Kind=tap | |
1123 | ||
1124 | [Tap] | |
1125 | MultiQueue=true | |
1126 | PacketInfo=true</programlisting> </example> | |
eac684ef | 1127 | |
798d3a52 | 1128 | <example> |
6c1695be | 1129 | <title>/etc/systemd/network/25-sit.netdev</title> |
798d3a52 | 1130 | <programlisting>[NetDev] |
b35a2909 TG |
1131 | Name=sit-tun |
1132 | Kind=sit | |
1133 | MTUBytes=1480 | |
1134 | ||
1135 | [Tunnel] | |
1136 | Local=10.65.223.238 | |
1137 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 1138 | </example> |
eac684ef | 1139 | |
798d3a52 | 1140 | <example> |
6c1695be | 1141 | <title>/etc/systemd/network/25-gre.netdev</title> |
798d3a52 | 1142 | <programlisting>[NetDev] |
b35a2909 TG |
1143 | Name=gre-tun |
1144 | Kind=gre | |
1145 | MTUBytes=1480 | |
1146 | ||
1147 | [Tunnel] | |
1148 | Local=10.65.223.238 | |
1149 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 1150 | </example> |
b35a2909 | 1151 | |
798d3a52 | 1152 | <example> |
6c1695be | 1153 | <title>/etc/systemd/network/25-vti.netdev</title> |
b35a2909 | 1154 | |
798d3a52 | 1155 | <programlisting>[NetDev] |
b35a2909 TG |
1156 | Name=vti-tun |
1157 | Kind=vti | |
1158 | MTUBytes=1480 | |
1159 | ||
1160 | [Tunnel] | |
1161 | Local=10.65.223.238 | |
1162 | Remote=10.65.223.239</programlisting> | |
798d3a52 | 1163 | </example> |
b35a2909 | 1164 | |
798d3a52 | 1165 | <example> |
6c1695be | 1166 | <title>/etc/systemd/network/25-veth.netdev</title> |
798d3a52 | 1167 | <programlisting>[NetDev] |
b35a2909 TG |
1168 | Name=veth-test |
1169 | Kind=veth | |
1170 | ||
1171 | [Peer] | |
1172 | Name=veth-peer</programlisting> | |
798d3a52 | 1173 | </example> |
b35a2909 | 1174 | |
d94facdc | 1175 | <example> |
6c1695be | 1176 | <title>/etc/systemd/network/25-bond.netdev</title> |
d94facdc MH |
1177 | <programlisting>[NetDev] |
1178 | Name=bond1 | |
1179 | Kind=bond | |
1180 | ||
1181 | [Bond] | |
1182 | Mode=802.3ad | |
1183 | TransmitHashPolicy=layer3+4 | |
1184 | MIIMonitorSec=1s | |
1185 | LACPTransmitRate=fast | |
1186 | </programlisting> | |
1187 | </example> | |
1188 | ||
798d3a52 | 1189 | <example> |
6c1695be | 1190 | <title>/etc/systemd/network/25-dummy.netdev</title> |
798d3a52 | 1191 | <programlisting>[NetDev] |
9e358851 TG |
1192 | Name=dummy-test |
1193 | Kind=dummy | |
1194 | MACAddress=12:34:56:78:9a:bc</programlisting> | |
798d3a52 | 1195 | </example> |
20897a0d AR |
1196 | <example> |
1197 | <title>/etc/systemd/network/25-vrf.netdev</title> | |
037a3ded | 1198 | <para>Create a VRF interface with table 42.</para> |
20897a0d AR |
1199 | <programlisting>[NetDev] |
1200 | Name=vrf-test | |
1201 | Kind=vrf | |
798d3a52 | 1202 | |
20897a0d AR |
1203 | [VRF] |
1204 | TableId=42</programlisting> | |
1205 | </example> | |
798d3a52 ZJS |
1206 | </refsect1> |
1207 | <refsect1> | |
1208 | <title>See Also</title> | |
1209 | <para> | |
1210 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
1211 | <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
1212 | <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1213 | <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
1214 | </para> | |
1215 | </refsect1> | |
eac684ef TG |
1216 | |
1217 | </refentry> |