X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=man%2Fsystemd.network.xml;h=d832e68d71c5f781ec4fb52de5096b0aa1302e80;hb=4b381a9ef65d68dc79760b093436a9c81f43fa5d;hp=b06785046da3453eb852a6aee6ef81c072a8a665;hpb=d55e43344b7852b1cf4d0e083ef963ee443e5b38;p=thirdparty%2Fsystemd.git diff --git a/man/systemd.network.xml b/man/systemd.network.xml index b06785046da..d832e68d71c 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -1,10 +1,7 @@ - - - + @@ -80,9 +77,13 @@ is applied, all later files are ignored, even if they match as well. - A network file is said to match a device if each of the - entries in the [Match] section matches, or if - the section is empty. The following keys are accepted: + A network file is said to match a network interface if all matches specified by the + [Match] section are satisfied. When a network file does not contain valid + settings in [Match] section, then the file will match all interfaces and + systemd-networkd warns about that. Hint: to avoid the warning and to make it + clear that all interfaces shall be matched, add the following: + Name=* + The following keys are accepted: @@ -140,53 +141,55 @@ Host= - Matches against the hostname or machine ID of the - host. See ConditionHost= in + Matches against the hostname or machine ID of the host. See + ConditionHost= in systemd.unit5 - for details. + for details. When prefixed with an exclamation mark (!), the result is negated. + If an empty string is assigned, then previously assigned value is cleared. Virtualization= - Checks whether the system is executed in a virtualized - environment and optionally test whether it is a specific - implementation. See ConditionVirtualization= in + Checks whether the system is executed in a virtualized environment and optionally test + whether it is a specific implementation. See ConditionVirtualization= in systemd.unit5 - for details. + for details. When prefixed with an exclamation mark (!), the result is negated. + If an empty string is assigned, then previously assigned value is cleared. KernelCommandLine= - Checks whether a specific kernel command line option is - set (or if prefixed with the exclamation mark unset). See + Checks whether a specific kernel command line option is set. See ConditionKernelCommandLine= in systemd.unit5 - for details. + for details. When prefixed with an exclamation mark (!), the result is negated. + If an empty string is assigned, then previously assigned value is cleared. KernelVersion= - Checks whether the kernel version (as reported by uname -r) matches a certain - expression (or if prefixed with the exclamation mark does not match it). See - ConditionKernelVersion= in - systemd.unit5 for - details. + Checks whether the kernel version (as reported by uname -r) matches a + certain expression. See ConditionKernelVersion= in + systemd.unit5 + for details. When prefixed with an exclamation mark (!), the result is negated. + If an empty string is assigned, then previously assigned value is cleared. Architecture= - Checks whether the system is running on a specific - architecture. See ConditionArchitecture= in + Checks whether the system is running on a specific architecture. See + ConditionArchitecture= in systemd.unit5 - for details. + for details. When prefixed with an exclamation mark (!), the result is negated. + If an empty string is assigned, then previously assigned value is cleared. @@ -323,9 +326,16 @@ LinkLocalAddressing= Enables link-local address autoconfiguration. Accepts yes, - no, ipv4, or ipv6. If - Bridge= is set, defaults to no, and if not, - defaults to ipv6. + no, ipv4, ipv6, + fallback, or ipv4-fallback. If + fallback or ipv4-fallback is specified, then an IPv4 + link-local address is configured only when DHCPv4 fails. If fallback, + an IPv6 link-local address is always configured, and if ipv4-fallback, + the address is not configured. Note that, the fallback mechanism works only when DHCPv4 + client is enabled, that is, it requires DHCP=yes or + DHCP=ipv4. If Bridge= is set, defaults to + no, and if not, defaults to ipv6. + @@ -337,6 +347,15 @@ + + DefaultRouteOnDevice= + + Takes a boolean. If set to true, sets up the default route bound to the interface. + Defaults to false. This is useful when creating routes on point-to-point interfaces. + This is equivalent to e.g. the following. + ip route add default dev veth99 + + IPv6Token= @@ -630,6 +649,11 @@ url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt in the kernel documentation regarding accept_ra, but note that systemd's setting of 1 (i.e. true) corresponds to kernel's setting of 2. + + Note that if this option is enabled a userspace implementation of the IPv6 RA protocol is + used, and the kernel's own implementation remains disabled, since `networkd` needs to know all + details supplied in the advertisements, and these are not available from the kernel if the kernel's + own implementation is used. @@ -764,6 +788,14 @@ This option may be specified more than once. + + MACsec= + + The name of a MACsec device to create on the link. See + systemd.netdev5. + This option may be specified more than once. + + ActiveSlave= @@ -806,6 +838,22 @@ + + KeepConfiguration= + + Takes a boolean or one of static, dhcp-on-stop, + dhcp. When static, systemd-networkd + will not drop static addresses and routes on starting up process. When set to + dhcp-on-stop, systemd-networkd will not drop addresses + and routes on stopping the daemon. When dhcp, + the addresses and routes provided by a DHCP server will never be dropped even if the DHCP + lease expires. This is contrary to the DHCP specification, but may be the best choice if, + e.g., the root filesystem relies on this connection. The setting dhcp + implies dhcp-on-stop, and yes implies + dhcp and static. Defaults to + dhcp-on-stop. + + @@ -1061,7 +1109,7 @@ InvertRule= - A boolean. Specifies wheather the rule to be inverted. Defaults to false. + A boolean. Specifies whether the rule to be inverted. Defaults to false. @@ -1181,7 +1229,7 @@ InitialAdvertisedReceiveWindow= - The TCP initial advertised receive window is the amount of receive data (in bytes) that can initally be buffered at one time + The TCP initial advertised receive window is the amount of receive data (in bytes) that can initially be buffered at one time on a connection. The sending host can send only that amount of data before waiting for an acknowledgment and window update from the receiving host. Takes a size in bytes between 1 and 4294967295 (2^32 - 1). The usual suffixes K, M, G are supported and are understood to the base of 1024. When unset, the kernel's default will be used. @@ -1195,6 +1243,22 @@ + + FastOpenNoCookie= + + Takes a boolean. When true enables TCP fastopen without a cookie on a per-route basis. + When unset, the kernel's default will be used. + + + + + TTLPropagate= + + Takes a boolean. When true enables TTL propagation at Label Switched Path (LSP) egress. + When unset, the kernel's default will be used. + + + MTUBytes= @@ -1263,6 +1327,11 @@ UseRoutes=, SendHostname=, UseMTU=, VendorClassIdentifier=, UseTimezone=. + + With this option enabled DHCP requests will mimic those generated by Microsoft Windows, in + order to reduce the ability to fingerprint and recognize installations. This means DHCP request + sizes will grow and lease data will be more comprehensive than normally, though most of the + requested data is not actually used. @@ -1328,17 +1397,6 @@ system. Defaults to no. - - CriticalConnection= - - When true, the connection will never be torn down - even if the DHCP lease expires. This is contrary to the - DHCP specification, but may be the best choice if, say, - the root filesystem relies on this connection. Defaults to - false. - - - ClientIdentifier= @@ -1368,6 +1426,16 @@ + + MaxAttempts= + + Specifies how many times the DHCPv4 client configuration should be attempted. Takes a + number or infinity. Defaults to infinity. + Note that the time between retries is increased exponentially, so the network will not be + overloaded even if this number is high. + + + DUIDType= @@ -1432,6 +1500,14 @@ + + SendRelease= + + When true, the DHCPv4 client sends a DHCP release packet when it stops. + Defaults to false. + + + RapidCommit= @@ -1461,6 +1537,13 @@ + + BlackList= + + A whitespace-separated list of IPv4 addresses. DHCP offers from servers in the list are rejected. + + + @@ -1528,6 +1611,13 @@ + + BlackList= + + A whitespace-separated list of IPv6 prefixes. IPv6 prefixes supplied via router advertisements in the list are ignored. + + + @@ -1855,6 +1945,32 @@ When unset, the kernel's default will be used. + + ProxyARP= + + Takes a boolean. Configures whether proxy ARP to be enabled on this port. + When unset, the kernel's default will be used. + + + + ProxyARPWiFi= + + Takes a boolean. Configures whether proxy ARP to be enabled on this port + which meets extended requirements by IEEE 802.11 and Hotspot 2.0 specifications. + When unset, the kernel's default will be used. + + + + MulticastRouter= + + Configures this port for having multicast routers attached. A port with a multicast + router will receive all multicast traffic. Takes one of no + to disable multicast routers on this port, query to let the system detect + the presence of routers, permanent to permanently enable multicast traffic + forwarding on this port, or temporary to enable multicast routers temporarily + on this port, not depending on incoming queries. When unset, the kernel's default will be used. + + Cost= @@ -1892,6 +2008,12 @@ key is mandatory. + + Destination= + + Takes an IP address of the destination VXLAN tunnel endpoint. + + VLANId= @@ -1900,6 +2022,27 @@ table entry. + + VNI= + + The VXLAN Network Identifier (or VXLAN Segment ID) to use to connect to + the remote VXLAN tunnel endpoint. Takes a number in the range 1-16777215. + Defaults to unset. + + + + AssociatedWith= + + Specifies where the address is associated with. Takes one of use, + self, master or router. + use means the address is in use. User space can use this option to + indicate to the kernel that the fdb entry is in use. self means + the address is associated with the port drivers fdb. Usually hardware. master + means the address is associated with master devices fdb. router means + the destination address is associated with a router. Note that it's valid if the referenced + device is a VXLAN type device and has route shortcircuit enabled. Defaults to self. + +