<listitem>
<para>Enables DHCPv4 and/or DHCPv6 client support. Accepts
<literal>yes</literal>, <literal>no</literal>,
- <literal>ipv4</literal>, or <literal>ipv6</literal>.</para>
+ <literal>ipv4</literal>, or <literal>ipv6</literal>. Defaults
+ to <literal>no</literal>.</para>
<para>Note that DHCPv6 will by default be triggered by Router
Advertisement, if that is enabled, regardless of this parameter.
DNS validation support on the link. When set to
<literal>allow-downgrade</literal>, compatibility with
non-DNSSEC capable networks is increased, by automatically
- turning off DNSEC in this case. This option defines a
+ turning off DNSSEC in this case. This option defines a
per-interface setting for
<citerefentry><refentrytitle>resolved.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>'s
global <varname>DNSSEC=</varname> option. Defaults to
<para>This setting is read by
<citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
"Search domains" correspond to the <varname>domain</varname> and <varname>search</varname> entries in
- <citerefentry><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
Domain name routing has no equivalent in the traditional glibc API, which has no concept of domain
name servers limited to a specific link.</para>
</listitem>
</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>IPv6ProxyNDPAddress=</varname></term>
- <listitem><para>An IPv6 address, for which Neighbour Advertisement
- messages will be proxied.
- Proxy NDP (Neighbor Discovery Protocol) is a technique for IPv6 to
- allow routing of addresses to a different destination when peers expect them
- to be present on a certain physical link.
+ <term><varname>IPv6ProxyNDP=</varname></term>
+ <listitem><para>A boolean. Configures proxy NDP for IPv6. Proxy NDP (Neighbor Discovery
+ Protocol) is a technique for IPv6 to allow routing of addresses to a different
+ destination when peers expect them to be present on a certain physical link.
In this case a router answers Neighbour Advertisement messages intended for
another machine by offering its own MAC address as destination.
- Unlike proxy ARP for IPv4, is not enabled globally, but will only send Neighbour
+ Unlike proxy ARP for IPv4, it is not enabled globally, but will only send Neighbour
Advertisement messages for addresses in the IPv6 neighbor proxy table,
- which can also be shown by <command>ip -6 neighbour show proxy</command>
- This option may be specified more than once. systemd-networkd will control the
- per-interface `proxy_ndp` switch for each configured interface, depending on whether
- there are <option>IPv6ProxyNDPAddress=</option> entries configured and add these to
- the kernels IPv6 neighbor proxy table.
- Defaults to unset.
+ which can also be shown by <command>ip -6 neighbour show proxy</command>.
+ systemd-networkd will control the per-interface `proxy_ndp` switch for each configured
+ interface depending on this option.
+ Defautls to unset.
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv6ProxyNDPAddress=</varname></term>
+ <listitem><para>An IPv6 address, for which Neighbour Advertisement messages will be
+ proxied. This option may be specified more than once. systemd-networkd will add the
+ <option>IPv6ProxyNDPAddress=</option> entries to the kernel's IPv6 neighbor proxy table.
+ This option implies <option>IPv6ProxyNDP=true</option> but has no effect if
+ <option>IPv6ProxyNDP</option> has been set to false. Defaults to unset.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>IPv6PrefixDelegation=</varname></term>
+ <listitem><para>Whether to enable or disable Router Advertisement sending on a link.
+ Defaults to <literal>false</literal>. See the <literal>[IPv6PrefixDelegation]</literal>
+ and the <literal>[IPv6Prefix]</literal> sections for configuration options.
+ </para></listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Bridge=</varname></term>
<listitem>
This option may be specified more than once.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>ActiveSlave=</varname></term>
+ <listitem>
+ <para>A boolean. Specifies the new active slave. The <literal>ActiveSlave=</literal>
+ option is only valid for following modes:
+ <literal>active-backup</literal>,
+ <literal>balance-alb</literal> and
+ <literal>balance-tlb</literal>. Defaults to false.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>PrimarySlave=</varname></term>
+ <listitem>
+ <para>A boolean. Specifies which slave is the primary device. The specified
+ device will always be the active slave while it is available. Only when the
+ primary is off-line will alternate devices be used. This is useful when
+ one slave is preferred over another, e.g. when one slave has higher throughput
+ than another. The <literal>PrimarySlave=</literal> option is only valid for
+ following modes:
+ <literal>active-backup</literal>,
+ <literal>balance-alb</literal> and
+ <literal>balance-tlb</literal>. Defaults to false.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>ConfigureWithoutCarrier=</varname></term>
+ <listitem>
+ <para>A boolean. Allows networkd to configure a specific link even if it has no carrier.
+ Defaults to false.
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
which is then configured to use them explicitly.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Scope=</varname></term>
+ <listitem>
+ <para>The scope of the address, which can be <literal>global</literal>,
+ <literal>link</literal> or <literal>host</literal> or an unsigned integer ranges 0 to 255.
+ Defaults to <literal>global</literal>.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>HomeAddress=</varname></term>
<listitem>
</variablelist>
</refsect1>
+ <refsect1>
+ <title>[IPv6AddressLabel] Section Options</title>
+
+ <para>An <literal>[IPv6AddressLabel]</literal> section accepts the
+ following keys. Specify several <literal>[IPv6AddressLabel]</literal>
+ sections to configure several address labels. IPv6 address labels are
+ used for address selection. See <ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>.
+ Precedence is managed by userspace, and only the label itself is stored in the kernel</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>Label=</varname></term>
+ <listitem>
+ <para> The label for the prefix (an unsigned integer) ranges 0 to 4294967294.
+ 0xffffffff is reserved. This key is mandatory.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Prefix=</varname></term>
+ <listitem>
+ <para>IPv6 prefix is an address with a prefix length, separated by a slash <literal>/</literal> character.
+ This key is mandatory. </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
<refsect1>
<title>[Route] Section Options</title>
<para>The <literal>[Route]</literal> section accepts the
<varlistentry>
<term><varname>GatewayOnlink=</varname></term>
<listitem>
- <para>The <literal>GatewayOnlink</literal> option tells the kernel that the it does not have
+ <para>The <literal>GatewayOnlink</literal> option tells the kernel that it does not have
to check if the gateway is reachable directly by the current machine (i.e., the kernel does
not need to check if the gateway is attached to the local network), so that we can insert the
route in the kernel table without it being complained about. A boolean, defaults to <literal>no</literal>.
<para>The metric of the route (an unsigned integer).</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv6Preference=</varname></term>
+ <listitem>
+ <para>Specifies the route preference as defined in <ulink
+ url="https://tools.ietf.org/html/rfc4191">RFC4191</ulink> for Router Discovery messages.
+ Which can be one of <literal>low</literal> the route has a lowest priority,
+ <literal>medium</literal> the route has a default priority or
+ <literal>high</literal> the route has a highest priority.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Scope=</varname></term>
<listitem>
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Protocol=</varname></term>
+ <listitem>
+ <para>The Protocol identifier for the route. Takes a number between 0 and 255 or the special values
+ <literal>kernel</literal>, <literal>boot</literal> and <literal>static</literal>. Defaults to
+ <literal>static</literal>.
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
Defaults to false.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Anonymize=</varname></term>
+ <listitem>
+ <para>Takes a boolean argument. When true, the options sent to the DHCP server will
+ follow the <ulink url="https://tools.ietf.org/html/rfc7844">RFC 7844</ulink>
+ (Anonymity Profiles for DHCP Clients) to minimize disclosure of identifying information.
+ Defaults to false.</para>
+
+ <para>This option should only be set to true when
+ <varname>MACAddressPolicy=</varname> is set to <literal>random</literal>
+ (see <citerefentry
+ project='man-pages'><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>).</para>
+
+ <para>Note that this configuration will overwrite others.
+ In concrete, the following variables will be ignored:
+ <varname>SendHostname=</varname>, <varname>ClientIdentifier=</varname>,
+ <varname>UseRoutes=</varname>, <varname>SendHostname=</varname>,
+ <varname>UseMTU=</varname>, <varname>VendorClassIdentifier=</varname>,
+ <varname>UseTimezone=</varname>.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>SendHostname=</varname></term>
<listitem>
<varlistentry>
<term><varname>UseRoutes=</varname></term>
<listitem>
- <para>When true (the default), the static routes will be
- requested from the DHCP server and added to the routing
- table with a metric of 1024.</para>
+ <para>When true (the default), the static routes will be requested from the DHCP server and added to the
+ routing table with a metric of 1024, and a scope of "global", "link" or "host", depending on the route's
+ destination and gateway. If the destination is on the local host, e.g., 127.x.x.x, or the same as the
+ link's own address, the scope will be set to "host". Otherwise if the gateway is null (a direct route), a
+ "link" scope will be used. For anything else, scope defaults to "global".</para>
</listitem>
</varlistentry>
</refsect1>
<refsect1>
+ <title>[IPv6PrefixDelegation] Section Options</title>
+ <para>The <literal>[IPv6PrefixDelegation]</literal> section contains
+ settings for sending IPv6 Router Advertisements and whether to act as
+ a router, if enabled via the <varname>IPv6PrefixDelegation=</varname>
+ option described above. IPv6 network prefixes are defined with one or
+ more <literal>[IPv6Prefix]</literal> sections.</para>
+
+ <variablelist class='network-directives'>
+
+ <varlistentry>
+ <term><varname>Managed=</varname></term>
+ <term><varname>OtherInformation=</varname></term>
+
+ <listitem><para>Controls whether a DHCPv6 server is used to acquire IPv6
+ addresses on the network link when <varname>Managed=</varname> boolean
+ is set to <literal>true</literal> or if only additional network
+ information can be obtained via DHCPv6 for the network link when
+ <varname>OtherInformation=</varname> boolean is set to
+ <literal>true</literal>. Both settings default to
+ <literal>false</literal>, which means that a DHCPv6 server is not being
+ used.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouterLifetimeSec=</varname></term>
+
+ <listitem><para>Configures the IPv6 router lifetime in seconds. If set,
+ this host also announces itself in Router Advertisements as an IPv6
+ router for the network link. Defaults to unset, which means the host is
+ not acting as a router.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouterPreference=</varname></term>
+
+ <listitem><para>Configures IPv6 router preference if
+ <varname>RouterLifetimeSec=</varname> is non-zero. Valid values are
+ <literal>high</literal>, <literal>medium</literal> and
+ <literal>low</literal>, with <literal>normal</literal> and
+ <literal>default</literal> added as synonyms for
+ <literal>medium</literal> just to make configuration easier. See
+ <ulink url="https://tools.ietf.org/html/rfc4191">RFC 4191</ulink>
+ for details. Defaults to <literal>medium</literal>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>DNS=</varname></term>
+
+ <listitem><para>A list of recursive DNS server IPv6 addresses
+ distributed via Router Advertisement messages.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>DNSLifetimeSec=</varname></term>
+
+ <listitem><para>Lifetime in seconds for the DNS server addresses listed
+ in <varname>DNS=</varname>.</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>[IPv6Prefix] Section Options</title>
+ <para>One or more <literal>[IPv6Prefix]</literal> sections contain the IPv6
+ prefixes that are announced via Router Advertisements. See
+ <ulink url="https://tools.ietf.org/html/rfc4861">RFC 4861</ulink>
+ for further details.</para>
+
+ <variablelist class='network-directives'>
+
+ <varlistentry>
+ <term><varname>AddressAutoconfiguration=</varname></term>
+ <term><varname>OnLink=</varname></term>
+
+ <listitem><para>Boolean values to specify whether IPv6 addresses can be
+ autoconfigured with this prefix and whether the prefix can be used for
+ onlink determination. Both settings default to <literal>true</literal>
+ in order to ease configuration.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>Prefix=</varname></term>
+
+ <listitem><para>The IPv6 prefix that is to be distributed to hosts.
+ Similarly to configuring static IPv6 addresses, the setting is
+ configured as an IPv6 prefix and its prefix length, separated by a
+ <literal>/</literal> character. Use multiple
+ <literal>[IPv6Prefix]</literal> sections to configure multiple IPv6
+ prefixes since prefix lifetimes, address autoconfiguration and onlink
+ status may differ from one prefix to another.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>PreferredLifetimeSec=</varname></term>
+ <term><varname>ValidLifetimeSec=</varname></term>
+
+ <listitem><para>Preferred and valid lifetimes for the prefix measured in
+ seconds. <varname>PreferredLifetimeSec=</varname> defaults to 604800
+ seconds (one week) and <varname>ValidLifetimeSec=</varname> defaults
+ to 2592000 seconds (30 days).</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
<title>[Bridge] Section Options</title>
<para>The <literal>[Bridge]</literal> section accepts the
following keys.</para>
<para>Sets the "cost" of sending packets of this interface.
Each port in a bridge may have a different speed and the cost
is used to decide which link to use. Faster interfaces
- should have lower costs. It is an interger value between 1 and
+ should have lower costs. It is an integer value between 1 and
65535.</para>
</listitem>
</varlistentry>
<para>Sets the "priority" of sending packets on this interface.
Each port in a bridge may have a different priority which is used
to decide which link to use. Lower value means higher priority.
- It is an interger value between 0 to 63. Networkd does not set any
+ It is an integer value between 0 to 63. Networkd does not set any
default, meaning the kernel default value of 32 is used.</para>
</listitem>
</varlistentry>
projects / thirdparty / systemd.git / blobdiff