]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.netdev.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
capability: add new ambient_capabilities_supported() helper
[thirdparty/systemd.git] / man / systemd.netdev.xml
CommitLineData
eac684ef
TG		 1<?xml version='1.0'?> <!--*-nxml-*-->
2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
12b42c76 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
eac684ef
TG		 4
5<!--
6 This file is part of systemd.
7
8 Copyright 2013 Tom Gundersen
9
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22-->
23
24<refentry id="systemd.netdev" conditional='ENABLE_NETWORKD'>
25
798d3a52
ZJS		 26 <refentryinfo>
27 <title>systemd.network</title>
28 <productname>systemd</productname>
29
30 <authorgroup>
31 <author>
32 <contrib>Developer</contrib>
33 <firstname>Tom</firstname>
34 <surname>Gundersen</surname>
35 <email>teg@jklm.no</email>
36 </author>
37 </authorgroup>
38 </refentryinfo>
39
40 <refmeta>
41 <refentrytitle>systemd.netdev</refentrytitle>
42 <manvolnum>5</manvolnum>
43 </refmeta>
44
45 <refnamediv>
46 <refname>systemd.netdev</refname>
47 <refpurpose>Virtual Network Device configuration</refpurpose>
48 </refnamediv>
49
50 <refsynopsisdiv>
51 <para><filename><replaceable>netdev</replaceable>.netdev</filename></para>
52 </refsynopsisdiv>
53
54 <refsect1>
55 <title>Description</title>
56
57 <para>Network setup is performed by
58 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
59 </para>
60
bac150e9
ZJS		 61 <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
62 other extensions are ignored. Virtual network devices are created as soon as networkd is
63 started. If a netdev with the specified name already exists, networkd will use that as-is rather
64 than create its own. Note that the settings of the pre-existing netdev will not be changed by
798d3a52
ZJS		 65 networkd.</para>
66
bac150e9
ZJS		 67 <para>The <filename>.netdev</filename> files are read from the files located in the system
68 network directory <filename>/usr/lib/systemd/network</filename>, the volatile runtime network
69 directory <filename>/run/systemd/network</filename> and the local administration network
70 directory <filename>/etc/systemd/network</filename>. All configuration files are collectively
71 sorted and processed in lexical order, regardless of the directories in which they live.
72 However, files with identical filenames replace each other. Files in <filename>/etc</filename>
73 have the highest priority, files in <filename>/run</filename> take precedence over files with
74 the same name in <filename>/usr/lib</filename>. This can be used to override a system-supplied
75 configuration file with a local file if needed. As a special case, an empty file (file size 0)
76 or symlink with the same name pointing to <filename>/dev/null</filename> disables the
77 configuration file entirely (it is "masked").</para>
78
79 <para>Along with the netdev file <filename>foo.netdev</filename>, a "drop-in" directory
80 <filename>foo.netdev.d/</filename> may exist. All files with the suffix <literal>.conf</literal>
81 from this directory will be parsed after the file itself is parsed. This is useful to alter or
82 add configuration settings, without having to modify the main configuration file. Each drop-in
83 file must have appropriate section headers.</para>
84
85 <para>In addition to <filename>/etc/systemd/network</filename>, drop-in <literal>.d</literal>
86 directories can be placed in <filename>/usr/lib/systemd/network</filename> or
87 <filename>/run/systemd/network</filename> directories. Drop-in files in
88 <filename>/etc</filename> take precedence over those in <filename>/run</filename> which in turn
89 take precedence over those in <filename>/usr/lib</filename>. Drop-in files under any of these
90 directories take precedence over the main netdev file wherever located. (Of course, since
91 <filename>/run</filename> is temporary and <filename>/usr/lib</filename> is for vendors, it is
92 unlikely drop-ins should be used in either of those places.)</para>
798d3a52
ZJS		 93 </refsect1>
94
95 <refsect1>
96 <title>Supported netdev kinds</title>
97
98 <para>The following kinds of virtual network devices may be
99 configured in <filename>.netdev</filename> files:</para>
100
101 <table>
102 <title>Supported kinds of virtual network devices</title>
103
104 <tgroup cols='2'>
105 <colspec colname='kind' />
106 <colspec colname='explanation' />
107 <thead><row>
108 <entry>Kind</entry>
109 <entry>Description</entry>
110 </row></thead>
111 <tbody>
112 <row><entry><varname>bond</varname></entry>
113 <entry>A bond device is an aggregation of all its slave devices. See <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">Linux Ethernet Bonding Driver HOWTO</ulink> for details.Local configuration</entry></row>
114
115 <row><entry><varname>bridge</varname></entry>
a8eaaee7 116 <entry>A bridge device is a software switch, and each of its slave devices and the bridge itself are ports of the switch.</entry></row>
798d3a52
ZJS		 117
118 <row><entry><varname>dummy</varname></entry>
119 <entry>A dummy device drops all packets sent to it.</entry></row>
120
121 <row><entry><varname>gre</varname></entry>
122 <entry>A Level 3 GRE tunnel over IPv4. See <ulink url="https://tools.ietf.org/html/rfc2784">RFC 2784</ulink> for details.</entry></row>
123
124 <row><entry><varname>gretap</varname></entry>
125 <entry>A Level 2 GRE tunnel over IPv4.</entry></row>
126
127 <row><entry><varname>ip6gre</varname></entry>
128 <entry>A Level 3 GRE tunnel over IPv6.</entry></row>
129
130 <row><entry><varname>ip6tnl</varname></entry>
131 <entry>An IPv4 or IPv6 tunnel over IPv6</entry></row>
132
133 <row><entry><varname>ip6gretap</varname></entry>
037a3ded 134 <entry>A Level 2 GRE tunnel over IPv6.</entry></row>
798d3a52
ZJS		 135
136 <row><entry><varname>ipip</varname></entry>
137 <entry>An IPv4 over IPv4 tunnel.</entry></row>
138
139 <row><entry><varname>ipvlan</varname></entry>
140 <entry>An ipvlan device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row>
141
142 <row><entry><varname>macvlan</varname></entry>
143 <entry>A macvlan device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row>
144
0371f2df
SS		 145 <row><entry><varname>macvtap</varname></entry>
146 <entry>A macvtap device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row>
147
798d3a52
ZJS		 148 <row><entry><varname>sit</varname></entry>
149 <entry>An IPv6 over IPv4 tunnel.</entry></row>
150
151 <row><entry><varname>tap</varname></entry>
152 <entry>A persistent Level 2 tunnel between a network device and a device node.</entry></row>
153
154 <row><entry><varname>tun</varname></entry>
155 <entry>A persistent Level 3 tunnel between a network device and a device node.</entry></row>
156
157 <row><entry><varname>veth</varname></entry>
a8eaaee7 158 <entry>An Ethernet tunnel between a pair of network devices.</entry></row>
798d3a52
ZJS		 159
160 <row><entry><varname>vlan</varname></entry>
161 <entry>A VLAN is a stacked device which receives packets from its underlying device based on VLAN tagging. See <ulink url="http://www.ieee802.org/1/pages/802.1Q.html">IEEE 802.1Q</ulink> for details.</entry></row>
162
163 <row><entry><varname>vti</varname></entry>
164 <entry>An IPv4 over IPSec tunnel.</entry></row>
165
5cc0748e
SS		 166 <row><entry><varname>vti6</varname></entry>
167 <entry>An IPv6 over IPSec tunnel.</entry></row>
168
798d3a52
ZJS		 169 <row><entry><varname>vxlan</varname></entry>
170 <entry>A virtual extensible LAN (vxlan), for connecting Cloud computing deployments.</entry></row>
20897a0d 171
6598e046
SS		 172 <row><entry><varname>geneve</varname></entry>
173 <entry>A GEneric NEtwork Virtualization Encapsulation (GENEVE) netdev driver.</entry></row>
174
20897a0d 175 <row><entry><varname>vrf</varname></entry>
92c918b0
SS		 176 <entry>A Virtual Routing and Forwarding (<ulink url="https://www.kernel.org/doc/Documentation/networking/vrf.txt">VRF</ulink>) interface to create separate routing and forwarding domains.</entry></row>
177
178 <row><entry><varname>vcan</varname></entry>
ba9fa3bc 179 <entry>The virtual CAN driver (vcan). Similar to the network loopback devices, vcan offers a virtual local CAN interface.</entry></row>
20897a0d 180
798d3a52
ZJS		 181 </tbody>
182 </tgroup>
183 </table>
184
185 </refsect1>
186
187 <refsect1>
188 <title>[Match] Section Options</title>
189
190 <para>A virtual network device is only created if the
191 <literal>[Match]</literal> section matches the current
192 environment, or if the section is empty. The following keys are
193 accepted:</para>
194
195 <variablelist class='network-directives'>
196 <varlistentry>
197 <term><varname>Host=</varname></term>
198 <listitem>
199 <para>Matches against the hostname or machine ID of the
200 host. See <literal>ConditionHost=</literal> in
201 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
202 for details.
203 </para>
204 </listitem>
205 </varlistentry>
206 <varlistentry>
207 <term><varname>Virtualization=</varname></term>
208 <listitem>
209 <para>Checks whether the system is executed in a virtualized
210 environment and optionally test whether it is a specific
211 implementation. See
212 <literal>ConditionVirtualization=</literal> in
213 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
214 for details.
215 </para>
216 </listitem>
217 </varlistentry>
218 <varlistentry>
219 <term><varname>KernelCommandLine=</varname></term>
220 <listitem>
221 <para>Checks whether a specific kernel command line option
222 is set (or if prefixed with the exclamation mark unset). See
223 <literal>ConditionKernelCommandLine=</literal> in
224 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
225 for details.
226 </para>
227 </listitem>
228 </varlistentry>
229 <varlistentry>
230 <term><varname>Architecture=</varname></term>
231 <listitem>
232 <para>Checks whether the system is running on a specific
233 architecture. See <literal>ConditionArchitecture=</literal> in
234 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
235 for details.
236 </para>
237 </listitem>
238 </varlistentry>
239 </variablelist>
240
241 </refsect1>
242
243 <refsect1>
244 <title>[NetDev] Section Options</title>
245
246 <para>The <literal>[NetDev]</literal> section accepts the
247 following keys:</para>
248
249 <variablelist class='network-directives'>
250 <varlistentry>
251 <term><varname>Description=</varname></term>
252 <listitem>
253 <para>A free-form description of the netdev.</para>
254 </listitem>
255 </varlistentry>
256 <varlistentry>
257 <term><varname>Name=</varname></term>
258 <listitem>
259 <para>The interface name used when creating the netdev.
260 This option is compulsory.</para>
261 </listitem>
262 </varlistentry>
263 <varlistentry>
264 <term><varname>Kind=</varname></term>
265 <listitem>
266 <para>The netdev kind. This option is compulsory. See the
267 <literal>Supported netdev kinds</literal> section for the
268 valid keys.</para>
269 </listitem>
270 </varlistentry>
271 <varlistentry>
272 <term><varname>MTUBytes=</varname></term>
273 <listitem>
274 <para>The maximum transmission unit in bytes to set for
275 the device. The usual suffixes K, M, G, are supported and
276 are understood to the base of 1024. This key is not
ff9b60f3 277 currently supported for <literal>tun</literal> or
798d3a52
ZJS		 278 <literal>tap</literal> devices.
279 </para>
280 </listitem>
281 </varlistentry>
282 <varlistentry>
283 <term><varname>MACAddress=</varname></term>
284 <listitem>
285 <para>The MAC address to use for the device. If none is
286 given, one is generated based on the interface name and
287 the
288 <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
ff9b60f3 289 This key is not currently supported for
798d3a52
ZJS		 290 <literal>tun</literal> or <literal>tap</literal> devices.
291 </para>
292 </listitem>
293 </varlistentry>
294 </variablelist>
295 </refsect1>
296
3428fe07
SS		 297 <refsect1>
298 <title>[Bridge] Section Options</title>
299
300 <para>The <literal>[Bridge]</literal> section only applies for
301 netdevs of kind <literal>bridge</literal>, and accepts the
a8eaaee7 302 following keys:</para>
3428fe07
SS		 303
304 <variablelist class='network-directives'>
305 <varlistentry>
306 <term><varname>HelloTimeSec=</varname></term>
307 <listitem>
a8eaaee7 308 <para>HelloTimeSec specifies the number of seconds between two hello packets
3428fe07
SS		 309 sent out by the root bridge and the designated bridges. Hello packets are
310 used to communicate information about the topology throughout the entire
311 bridged local area network.</para>
312 </listitem>
313 </varlistentry>
314 <varlistentry>
315 <term><varname>MaxAgeSec=</varname></term>
316 <listitem>
317 <para>MaxAgeSec specifies the number of seconds of maximum message age.
318 If the last seen (received) hello packet is more than this number of
319 seconds old, the bridge in question will start the takeover procedure
320 in attempt to become the Root Bridge itself.</para>
321 </listitem>
322 </varlistentry>
323 <varlistentry>
324 <term><varname>ForwardDelaySec=</varname></term>
325 <listitem>
326 <para>ForwardDelaySec specifies the number of seconds spent in each
327 of the Listening and Learning states before the Forwarding state is entered.</para>
328 </listitem>
329 </varlistentry>
c7440e74
TJ		 330 <varlistentry>
331 <term><varname>AgeingTimeSec=</varname></term>
332 <listitem>
333 <para>This specifies the number of seconds a MAC Address will be kept in
d23a0044 334 the forwarding database after having a packet received from this MAC Address.</para>
c7440e74
TJ		 335 </listitem>
336 </varlistentry>
337 <varlistentry>
338 <term><varname>Priority=</varname></term>
339 <listitem>
340 <para>The priority of the bridge. An integer between 0 and 65535. A lower value
341 means higher priority. The bridge having the lowest priority will be elected as root bridge.</para>
342 </listitem>
343 </varlistentry>
344 <varlistentry>
345 <term><varname>DefaultPVID=</varname></term>
346 <listitem>
0d6c68eb
TJ		 347 <para>This specifies the default port VLAN ID of a newly attached bridge port.
348 Set this to an integer in the range 1–4094 or <literal>none</literal> to disable the PVID.</para>
c7440e74
TJ		 349 </listitem>
350 </varlistentry>
3fef7a3f
SS		 351 <varlistentry>
352 <term><varname>MulticastQuerier=</varname></term>
353 <listitem>
354 <para>A boolean. This setting controls the IFLA_BR_MCAST_QUERIER option in the kernel.
355 If enabled, the kernel will send general ICMP queries from a zero source address.
356 This feature should allow faster convergence on startup, but it causes some
357 multicast-aware switches to misbehave and disrupt forwarding of multicast packets.
358 When unset, the kernel's default setting applies.
359 </para>
360 </listitem>
361 </varlistentry>
6df6d898
SS		 362 <varlistentry>
363 <term><varname>MulticastSnooping=</varname></term>
364 <listitem>
365 <para>A boolean. This setting controls the IFLA_BR_MCAST_SNOOPING option in the kernel.
366 If enabled, IGMP snooping monitors the Internet Group Management Protocol (IGMP) traffic
367 between hosts and multicast routers. When unset, the kernel's default setting applies.
368 </para>
369 </listitem>
370 </varlistentry>
c6f8d17d
TJ		 371 <varlistentry>
372 <term><varname>VLANFiltering=</varname></term>
373 <listitem>
374 <para>A boolean. This setting controls the IFLA_BR_VLAN_FILTERING option in the kernel.
375 If enabled, the bridge will be started in VLAN-filtering mode. When unset, the kernel's
376 default setting applies.
377 </para>
378 </listitem>
379 </varlistentry>
b760a9af
SS		 380 <varlistentry>
381 <term><varname>STP=</varname></term>
382 <listitem>
383 <para>A boolean. This enables the bridge's Spanning Tree Protocol (STP). When unset,
384 the kernel's default setting applies.
385 </para>
386 </listitem>
387 </varlistentry>
3428fe07 388 </variablelist>
3428fe07
SS		 389 </refsect1>
390
798d3a52
ZJS		 391 <refsect1>
392 <title>[VLAN] Section Options</title>
393
394 <para>The <literal>[VLAN]</literal> section only applies for
395 netdevs of kind <literal>vlan</literal>, and accepts the
396 following key:</para>
397
398 <variablelist class='network-directives'>
399 <varlistentry>
400 <term><varname>Id=</varname></term>
401 <listitem>
402 <para>The VLAN ID to use. An integer in the range 0–4094.
403 This option is compulsory.</para>
404 </listitem>
405 </varlistentry>
c8b21184
SS		 406 <varlistentry>
407 <term><varname>GVRP=</varname></term>
408 <listitem>
409 <para>The Generic VLAN Registration Protocol (GVRP) is a protocol that
410 allows automatic learning of VLANs on a network. A boolean. When unset,
411 the kernel's default setting applies.</para>
412 </listitem>
413 </varlistentry>
6c1ff21b
SS		 414 <varlistentry>
415 <term><varname>MVRP=</varname></term>
416 <listitem>
417 <para>Multiple VLAN Registration Protocol (MVRP) formerly known as GARP VLAN
418 Registration Protocol (GVRP) is a standards-based Layer 2 network protocol,
419 for automatic configuration of VLAN information on switches. It was defined
420 in the 802.1ak amendment to 802.1Q-2005. A boolean. When unset, the kernel's
421 default setting applies.</para>
422 </listitem>
423 </varlistentry>
424 <varlistentry>
425 <term><varname>LooseBinding=</varname></term>
426 <listitem>
427 <para>The VLAN loose binding mode, in which only the operational state is passed
428 from the parent to the associated VLANs, but the VLAN device state is not changed.
429 A boolean. When unset, the kernel's default setting applies.</para>
430 </listitem>
431 </varlistentry>
432 <varlistentry>
433 <term><varname>ReorderHeader=</varname></term>
434 <listitem>
435 <para>The VLAN reorder header is set VLAN interfaces behave like physical interfaces.
436 A boolean. When unset, the kernel's default setting applies.</para>
437 </listitem>
438 </varlistentry>
798d3a52 439 </variablelist>
798d3a52
ZJS		 440 </refsect1>
441
442 <refsect1>
443 <title>[MACVLAN] Section Options</title>
444
445 <para>The <literal>[MACVLAN]</literal> section only applies for
446 netdevs of kind <literal>macvlan</literal>, and accepts the
447 following key:</para>
448
449 <variablelist class='network-directives'>
450 <varlistentry>
451 <term><varname>Mode=</varname></term>
452 <listitem>
453 <para>The MACVLAN mode to use. The supported options are
454 <literal>private</literal>,
455 <literal>vepa</literal>,
456 <literal>bridge</literal>, and
457 <literal>passthru</literal>.
458 </para>
459 </listitem>
460 </varlistentry>
461 </variablelist>
462
463 </refsect1>
464
0371f2df
SS		 465 <refsect1>
466 <title>[MACVTAP] Section Options</title>
467
468 <para>The <literal>[MACVTAP]</literal> section applies for
469 netdevs of kind <literal>macvtap</literal> and accepts the
96d49011 470 same key as <literal>[MACVLAN]</literal>.</para>
0371f2df
SS		 471
472 </refsect1>
473
798d3a52
ZJS		 474 <refsect1>
475 <title>[IPVLAN] Section Options</title>
476
477 <para>The <literal>[IPVLAN]</literal> section only applies for
478 netdevs of kind <literal>ipvlan</literal>, and accepts the
479 following key:</para>
480
481 <variablelist class='network-directives'>
482 <varlistentry>
483 <term><varname>Mode=</varname></term>
484 <listitem>
485 <para>The IPVLAN mode to use. The supported options are
486 <literal>L2</literal> and <literal>L3</literal>.
487 </para>
488 </listitem>
489 </varlistentry>
490 </variablelist>
491
492 </refsect1>
493
494 <refsect1>
495 <title>[VXLAN] Section Options</title>
496 <para>The <literal>[VXLAN]</literal> section only applies for
497 netdevs of kind <literal>vxlan</literal>, and accepts the
498 following keys:</para>
499
500 <variablelist class='network-directives'>
501 <varlistentry>
502 <term><varname>Id=</varname></term>
503 <listitem>
504 <para>The VXLAN ID to use.</para>
505 </listitem>
506 </varlistentry>
507 <varlistentry>
d35e5d37 508 <term><varname>Remote=</varname></term>
798d3a52 509 <listitem>
d35e5d37 510 <para>Configures destination multicast group IP address.</para>
798d3a52
ZJS		 511 </listitem>
512 </varlistentry>
513 <varlistentry>
d35e5d37
SS		 514 <term><varname>Local=</varname></term>
515 <listitem>
516 <para>Configures local IP address.</para>
517 </listitem>
518 </varlistentry>
519 <varlistentry>
798d3a52
ZJS		 520 <term><varname>TOS=</varname></term>
521 <listitem>
522 <para>The Type Of Service byte value for a vxlan interface.</para>
523 </listitem>
524 </varlistentry>
525 <varlistentry>
526 <term><varname>TTL=</varname></term>
527 <listitem>
528 <para>A fixed Time To Live N on Virtual eXtensible Local
b938cb90 529 Area Network packets. N is a number in the range 1–255. 0
798d3a52
ZJS		 530 is a special value meaning that packets inherit the TTL
531 value.</para>
532 </listitem>
533 </varlistentry>
534 <varlistentry>
535 <term><varname>MacLearning=</varname></term>
536 <listitem>
537 <para>A boolean. When true, enables dynamic MAC learning
538 to discover remote MAC addresses.</para>
539 </listitem>
540 </varlistentry>
541 <varlistentry>
542 <term><varname>FDBAgeingSec=</varname></term>
543 <listitem>
544 <para>The lifetime of Forwarding Database entry learnt by
b938cb90 545 the kernel, in seconds.</para>
798d3a52
ZJS		 546 </listitem>
547 </varlistentry>
548 <varlistentry>
3d276dd2
SS		 549 <term><varname>MaximumFDBEntries=</varname></term>
550 <listitem>
551 <para>Configures maximum number of FDB entries.</para>
552 </listitem>
553 </varlistentry>
798d3a52 554 <varlistentry>
7dd6974c 555 <term><varname>ReduceARPProxy=</varname></term>
798d3a52 556 <listitem>
7dd6974c
SS		 557 <para>A boolean. When true, bridge-connected VXLAN tunnel
558 endpoint answers ARP requests from the local bridge on behalf
559 of remote Distributed Overlay Virtual Ethernet
560 <ulink url="https://en.wikipedia.org/wiki/Distributed_Overlay_Virtual_Ethernet">
561 (DVOE)</ulink> clients. Defaults to false.</para>
798d3a52
ZJS		 562 </listitem>
563 </varlistentry>
564 <varlistentry>
565 <term><varname>L2MissNotification=</varname></term>
566 <listitem>
567 <para>A boolean. When true, enables netlink LLADDR miss
568 notifications.</para>
569 </listitem>
570 </varlistentry>
571 <varlistentry>
572 <term><varname>L3MissNotification=</varname></term>
573 <listitem>
a8eaaee7 574 <para>A boolean. When true, enables netlink IP address miss
798d3a52
ZJS		 575 notifications.</para>
576 </listitem>
577 </varlistentry>
578 <varlistentry>
579 <term><varname>RouteShortCircuit=</varname></term>
580 <listitem>
a8eaaee7 581 <para>A boolean. When true, route short circuiting is turned
798d3a52
ZJS		 582 on.</para>
583 </listitem>
584 </varlistentry>
cffacc74 585 <varlistentry>
53c06862 586 <term><varname>UDPChecksum=</varname></term>
cffacc74 587 <listitem>
b938cb90 588 <para>A boolean. When true, transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para>
cffacc74
SS		 589 </listitem>
590 </varlistentry>
591 <varlistentry>
592 <term><varname>UDP6ZeroChecksumTx=</varname></term>
593 <listitem>
b938cb90 594 <para>A boolean. When true, sending zero checksums in VXLAN/IPv6 is turned on.</para>
cffacc74
SS		 595 </listitem>
596 </varlistentry>
597 <varlistentry>
53c06862 598 <term><varname>UDP6ZeroChecksumRx=</varname></term>
cffacc74 599 <listitem>
b938cb90 600 <para>A boolean. When true, receiving zero checksums in VXLAN/IPv6 is turned on.</para>
16441027
SS		 601 </listitem>
602 </varlistentry>
603 <varlistentry>
53c06862 604 <term><varname>RemoteChecksumTx=</varname></term>
16441027
SS		 605 <listitem>
606 <para>A boolean. When true, remote transmit checksum offload of VXLAN is turned on.</para>
607 </listitem>
608 </varlistentry>
609 <varlistentry>
53c06862 610 <term><varname>RemoteChecksumRx=</varname></term>
16441027
SS		 611 <listitem>
612 <para>A boolean. When true, remote receive checksum offload in VXLAN is turned on.</para>
cffacc74
SS		 613 </listitem>
614 </varlistentry>
8b414e52
SS		 615 <varlistentry>
616 <term><varname>GroupPolicyExtension=</varname></term>
617 <listitem>
b938cb90
JE		 618 <para>A boolean. When true, it enables Group Policy VXLAN extension security label mechanism
619 across network peers based on VXLAN. For details about the Group Policy VXLAN, see the
8b414e52
SS		 620 <ulink url="https://tools.ietf.org/html/draft-smith-vxlan-group-policy">
621 VXLAN Group Policy </ulink> document. Defaults to false.</para>
622 </listitem>
623 </varlistentry>
ea0288d1
SS		 624 <varlistentry>
625 <term><varname>DestinationPort=</varname></term>
626 <listitem>
627 <para>Configures the default destination UDP port on a per-device basis.
628 If destination port is not specified then Linux kernel default will be used.
98616735
SS		 629 Set destination port 4789 to get the IANA assigned value. If not set or if the
630 destination port is assigned the empty string the default port of 4789 is used.</para>
ea0288d1
SS		 631 </listitem>
632 </varlistentry>
633 <varlistentry>
634 <term><varname>PortRange=</varname></term>
635 <listitem>
636 <para>Configures VXLAN port range. VXLAN bases source
637 UDP port based on flow to help the receiver to be able
638 to load balance based on outer header flow. It
639 restricts the port range to the normal UDP local
640 ports, and allows overriding via configuration.</para>
641 </listitem>
642 </varlistentry>
d8653945
SS		 643 <varlistentry>
644 <term><varname>FlowLabel=</varname></term>
645 <listitem>
646 <para>Specifies the flow label to use in outgoing packets.
647 The valid range is 0-1048575.
648 </para>
649 </listitem>
650 </varlistentry>
798d3a52
ZJS		 651 </variablelist>
652 </refsect1>
6598e046
SS		 653 <refsect1>
654 <title>[GENEVE] Section Options</title>
655 <para>The <literal>[GENEVE]</literal> section only applies for
656 netdevs of kind <literal>geneve</literal>, and accepts the
657 following keys:</para>
658
659 <variablelist class='network-directives'>
660 <varlistentry>
661 <term><varname>Id=</varname></term>
662 <listitem>
785889e5 663 <para>Specifies the Virtual Network Identifier (VNI) to use. Ranges [0-16777215].</para>
6598e046
SS		 664 </listitem>
665 </varlistentry>
666 <varlistentry>
667 <term><varname>Remote=</varname></term>
668 <listitem>
669 <para>Specifies the unicast destination IP address to use in outgoing packets.</para>
670 </listitem>
671 </varlistentry>
672 <varlistentry>
673 <term><varname>TOS=</varname></term>
674 <listitem>
98616735 675 <para>Specifies the TOS value to use in outgoing packets. Ranges [1-255].</para>
6598e046
SS		 676 </listitem>
677 </varlistentry>
678 <varlistentry>
679 <term><varname>TTL=</varname></term>
680 <listitem>
98616735 681 <para>Specifies the TTL value to use in outgoing packets. Ranges [1-255].</para>
6598e046
SS		 682 </listitem>
683 </varlistentry>
684 <varlistentry>
685 <term><varname>UDPChecksum=</varname></term>
686 <listitem>
687 <para>A boolean. When true, specifies if UDP checksum is calculated for transmitted packets over IPv4.</para>
688 </listitem>
689 </varlistentry>
690 <varlistentry>
691 <term><varname>UDP6ZeroChecksumTx=</varname></term>
692 <listitem>
693 <para>A boolean. When true, skip UDP checksum calculation for transmitted packets over IPv6.</para>
694 </listitem>
695 </varlistentry>
696 <varlistentry>
697 <term><varname>UDP6ZeroChecksumRx=</varname></term>
698 <listitem>
699 <para>A boolean. When true, allows incoming UDP packets over IPv6 with zero checksum field.</para>
700 </listitem>
701 </varlistentry>
702 <varlistentry>
703 <term><varname>DestinationPort=</varname></term>
704 <listitem>
98616735
SS		 705 <para>Specifies destination port. Defaults to 6081. If not set or assigned the empty string, the default
706 port of 6081 is used.</para>
6598e046
SS		 707 </listitem>
708 </varlistentry>
709 <varlistentry>
710 <term><varname>FlowLabel=</varname></term>
711 <listitem>
712 <para>Specifies the flow label to use in outgoing packets.</para>
713 </listitem>
714 </varlistentry>
715 </variablelist>
716 </refsect1>
798d3a52
ZJS		 717 <refsect1>
718 <title>[Tunnel] Section Options</title>
719
720 <para>The <literal>[Tunnel]</literal> section only applies for
721 netdevs of kind
722 <literal>ipip</literal>,
723 <literal>sit</literal>,
724 <literal>gre</literal>,
725 <literal>gretap</literal>,
726 <literal>ip6gre</literal>,
727 <literal>ip6gretap</literal>,
5cc0748e
SS		 728 <literal>vti</literal>,
729 <literal>vti6</literal>, and
798d3a52
ZJS		 730 <literal>ip6tnl</literal> and accepts
731 the following keys:</para>
732
733 <variablelist class='network-directives'>
734 <varlistentry>
735 <term><varname>Local=</varname></term>
736 <listitem>
737 <para>A static local address for tunneled packets. It must
738 be an address on another interface of this host.</para>
739 </listitem>
740 </varlistentry>
741 <varlistentry>
742 <term><varname>Remote=</varname></term>
743 <listitem>
744 <para>The remote endpoint of the tunnel.</para>
745 </listitem>
746 </varlistentry>
747 <varlistentry>
748 <term><varname>TOS=</varname></term>
749 <listitem>
750 <para>The Type Of Service byte value for a tunnel interface.
b938cb90 751 For details about the TOS, see the
798d3a52
ZJS		 752 <ulink url="http://tools.ietf.org/html/rfc1349"> Type of
753 Service in the Internet Protocol Suite </ulink> document.
754 </para>
755 </listitem>
756 </varlistentry>
757 <varlistentry>
758 <term><varname>TTL=</varname></term>
759 <listitem>
760 <para>A fixed Time To Live N on tunneled packets. N is a
b938cb90 761 number in the range 1–255. 0 is a special value meaning that
798d3a52 762 packets inherit the TTL value. The default value for IPv4
b938cb90 763 tunnels is: inherit. The default value for IPv6 tunnels is
798d3a52
ZJS		 764 64.</para>
765 </listitem>
766 </varlistentry>
767 <varlistentry>
768 <term><varname>DiscoverPathMTU=</varname></term>
769 <listitem>
770 <para>A boolean. When true, enables Path MTU Discovery on
771 the tunnel.</para>
772 </listitem>
773 </varlistentry>
276de526
SS		 774 <varlistentry>
775 <term><varname>IPv6FlowLabel=</varname></term>
776 <listitem>
a8eaaee7 777 <para>Configures the 20-bit flow label (see <ulink url="https://tools.ietf.org/html/rfc6437">
276de526 778 RFC 6437</ulink>) field in the IPv6 header (see <ulink url="https://tools.ietf.org/html/rfc2460">
a8eaaee7
JE		 779 RFC 2460</ulink>), which is used by a node to label packets of a flow.
780 It is only used for IPv6 tunnels.
781 A flow label of zero is used to indicate packets that have
782 not been labeled.
783 It can be configured to a value in the range 0–0xFFFFF, or be
784 set to <literal>inherit</literal>, in which case the original flowlabel is used.</para>
276de526
SS		 785 </listitem>
786 </varlistentry>
9b0ca30a 787 <varlistentry>
a9b70f9d 788 <term><varname>CopyDSCP=</varname></term>
9b0ca30a 789 <listitem>
3cf4bcab
ZJS		 790 <para>A boolean. When true, the Differentiated Service Code
791 Point (DSCP) field will be copied to the inner header from
a9b70f9d 792 outer header during the decapsulation of an IPv6 tunnel
3cf4bcab
ZJS		 793 packet. DSCP is a field in an IP packet that enables different
794 levels of service to be assigned to network traffic.
795 Defaults to <literal>no</literal>.
9b0ca30a
SS		 796 </para>
797 </listitem>
798 </varlistentry>
dae398a8
SS		 799 <varlistentry>
800 <term><varname>EncapsulationLimit=</varname></term>
801 <listitem>
802 <para>The Tunnel Encapsulation Limit option specifies how many additional
803 levels of encapsulation are permitted to be prepended to the packet.
804 For example, a Tunnel Encapsulation Limit option containing a limit
805 value of zero means that a packet carrying that option may not enter
806 another tunnel before exiting the current tunnel.
807 (see <ulink url="https://tools.ietf.org/html/rfc2473#section-4.1.1"> RFC 2473</ulink>).
b938cb90 808 The valid range is 0–255 and <literal>none</literal>. Defaults to 4.
dae398a8
SS		 809 </para>
810 </listitem>
811 </varlistentry>
1d710029
SS		 812 <varlistentry>
813 <term><varname>Key=</varname></term>
814 <listitem>
815 <para>The <varname>Key=</varname> parameter specifies the same key to use in
816 both directions (<varname>InputKey=</varname> and <varname>OutputKey=</varname>).
817 The <varname>Key=</varname> is either a number or an IPv4 address-like dotted quad.
818 It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data
819 and control path) in ip xfrm (framework used to implement IPsec protocol).
820 See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html">
e306f2df 821 ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6
1d710029
SS		 822 tunnels.</para>
823 </listitem>
824 </varlistentry>
825 <varlistentry>
826 <term><varname>InputKey=</varname></term>
827 <listitem>
828 <para>The <varname>InputKey=</varname> parameter specifies the key to use for input.
829 The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para>
830 </listitem>
831 </varlistentry>
832 <varlistentry>
833 <term><varname>OutputKey=</varname></term>
834 <listitem>
835 <para>The <varname>OutputKey=</varname> parameter specifies the key to use for output.
836 The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para>
837 </listitem>
838 </varlistentry>
798d3a52
ZJS		 839 <varlistentry>
840 <term><varname>Mode=</varname></term>
841 <listitem>
a8eaaee7 842 <para>An <literal>ip6tnl</literal> tunnel can be in one of three
798d3a52
ZJS		 843 modes
844 <literal>ip6ip6</literal> for IPv6 over IPv6,
845 <literal>ipip6</literal> for IPv4 over IPv6 or
846 <literal>any</literal> for either.
847 </para>
848 </listitem>
849 </varlistentry>
850 </variablelist>
851 </refsect1>
852 <refsect1>
853 <title>[Peer] Section Options</title>
854
855 <para>The <literal>[Peer]</literal> section only applies for
856 netdevs of kind <literal>veth</literal> and accepts the
a8eaaee7 857 following keys:</para>
798d3a52
ZJS		 858
859 <variablelist class='network-directives'>
860 <varlistentry>
861 <term><varname>Name=</varname></term>
862 <listitem>
863 <para>The interface name used when creating the netdev.
864 This option is compulsory.</para>
865 </listitem>
866 </varlistentry>
867 <varlistentry>
868 <term><varname>MACAddress=</varname></term>
869 <listitem>
b938cb90 870 <para>The peer MACAddress, if not set, it is generated in
798d3a52
ZJS		 871 the same way as the MAC address of the main
872 interface.</para>
873 </listitem>
874 </varlistentry>
875 </variablelist>
876 </refsect1>
877 <refsect1>
878 <title>[Tun] Section Options</title>
879
880 <para>The <literal>[Tun]</literal> section only applies for
881 netdevs of kind <literal>tun</literal>, and accepts the following
882 keys:</para>
883
884 <variablelist class='network-directives'>
885 <varlistentry>
886 <term><varname>OneQueue=</varname></term>
887 <listitem><para>Takes a boolean argument. Configures whether
888 all packets are queued at the device (enabled), or a fixed
889 number of packets are queued at the device and the rest at the
890 <literal>qdisc</literal>. Defaults to
891 <literal>no</literal>.</para>
892 </listitem>
893 </varlistentry>
894 <varlistentry>
895 <term><varname>MultiQueue=</varname></term>
896 <listitem><para>Takes a boolean argument. Configures whether
897 to use multiple file descriptors (queues) to parallelize
898 packets sending and receiving. Defaults to
899 <literal>no</literal>.</para>
900 </listitem>
901 </varlistentry>
902 <varlistentry>
903 <term><varname>PacketInfo=</varname></term>
904 <listitem><para>Takes a boolean argument. Configures whether
ff9b60f3 905 packets should be prepended with four extra bytes (two flag
b938cb90 906 bytes and two protocol bytes). If disabled, it indicates that
798d3a52
ZJS		 907 the packets will be pure IP packets. Defaults to
908 <literal>no</literal>.</para>
909 </listitem>
910 </varlistentry>
43f78da4 911 <varlistentry>
2aba142e 912 <term><varname>VNetHeader=</varname></term>
43f78da4
SS		 913 <listitem><para>Takes a boolean argument. Configures
914 IFF_VNET_HDR flag for a tap device. It allows sending
915 and receiving larger Generic Segmentation Offload (GSO)
916 packets. This may increase throughput significantly.
917 Defaults to
918 <literal>no</literal>.</para>
919 </listitem>
920 </varlistentry>
798d3a52
ZJS		 921 <varlistentry>
922 <term><varname>User=</varname></term>
923 <listitem><para>User to grant access to the
924 <filename>/dev/net/tun</filename> device.</para>
925 </listitem>
926 </varlistentry>
927 <varlistentry>
928 <term><varname>Group=</varname></term>
929 <listitem><para>Group to grant access to the
930 <filename>/dev/net/tun</filename> device.</para>
931 </listitem>
932 </varlistentry>
933
934 </variablelist>
935
936 </refsect1>
937
938 <refsect1>
939 <title>[Tap] Section Options</title>
940
941 <para>The <literal>[Tap]</literal> section only applies for
942 netdevs of kind <literal>tap</literal>, and accepts the same keys
943 as the <literal>[Tun]</literal> section.</para>
944 </refsect1>
945
946 <refsect1>
947 <title>[Bond] Section Options</title>
948
949 <para>The <literal>[Bond]</literal> section accepts the following
950 key:</para>
951
952 <variablelist class='network-directives'>
953 <varlistentry>
954 <term><varname>Mode=</varname></term>
955 <listitem>
956 <para>Specifies one of the bonding policies. The default is
957 <literal>balance-rr</literal> (round robin). Possible values are
958 <literal>balance-rr</literal>,
959 <literal>active-backup</literal>,
960 <literal>balance-xor</literal>,
961 <literal>broadcast</literal>,
962 <literal>802.3ad</literal>,
963 <literal>balance-tlb</literal>, and
964 <literal>balance-alb</literal>.
965 </para>
966 </listitem>
967 </varlistentry>
968
969 <varlistentry>
970 <term><varname>TransmitHashPolicy=</varname></term>
971 <listitem>
972 <para>Selects the transmit hash policy to use for slave
973 selection in balance-xor, 802.3ad, and tlb modes. Possible
974 values are
975 <literal>layer2</literal>,
976 <literal>layer3+4</literal>,
977 <literal>layer2+3</literal>,
4d89618a 978 <literal>encap2+3</literal>, and
798d3a52
ZJS		 979 <literal>encap3+4</literal>.
980 </para>
981 </listitem>
982 </varlistentry>
983
984 <varlistentry>
985 <term><varname>LACPTransmitRate=</varname></term>
986 <listitem>
987 <para>Specifies the rate with which link partner transmits
988 Link Aggregation Control Protocol Data Unit packets in
989 802.3ad mode. Possible values are <literal>slow</literal>,
990 which requests partner to transmit LACPDUs every 30 seconds,
991 and <literal>fast</literal>, which requests partner to
992 transmit LACPDUs every second. The default value is
993 <literal>slow</literal>.</para>
994 </listitem>
995 </varlistentry>
996
997 <varlistentry>
998 <term><varname>MIIMonitorSec=</varname></term>
999 <listitem>
1000 <para>Specifies the frequency that Media Independent
1001 Interface link monitoring will occur. A value of zero
dd2b607b 1002 disables MII link monitoring. This value is rounded down to
798d3a52
ZJS		 1003 the nearest millisecond. The default value is 0.</para>
1004 </listitem>
1005 </varlistentry>
1006
1007 <varlistentry>
1008 <term><varname>UpDelaySec=</varname></term>
1009 <listitem>
1010 <para>Specifies the delay before a link is enabled after a
1011 link up status has been detected. This value is rounded down
1012 to a multiple of MIIMonitorSec. The default value is
1013 0.</para>
1014 </listitem>
1015 </varlistentry>
1016
1017 <varlistentry>
1018 <term><varname>DownDelaySec=</varname></term>
1019 <listitem>
1020 <para>Specifies the delay before a link is disabled after a
1021 link down status has been detected. This value is rounded
1022 down to a multiple of MIIMonitorSec. The default value is
1023 0.</para>
1024 </listitem>
1025 </varlistentry>
1026
81bd37a8 1027 <varlistentry>
38422da7 1028 <term><varname>LearnPacketIntervalSec=</varname></term>
81bd37a8
SS		 1029 <listitem>
1030 <para>Specifies the number of seconds between instances where the bonding
a8eaaee7
JE		 1031 driver sends learning packets to each slave peer switch.
1032 The valid range is 1–0x7fffffff; the default value is 1. This option
1033 has an effect only for the balance-tlb and balance-alb modes.</para>
81bd37a8
SS		 1034 </listitem>
1035 </varlistentry>
1036
1037 <varlistentry>
1038 <term><varname>AdSelect=</varname></term>
1039 <listitem>
1040 <para>Specifies the 802.3ad aggregation selection logic to use. Possible values are
1041 <literal>stable</literal>,
a8eaaee7
JE		 1042 <literal>bandwidth</literal> and
1043 <literal>count</literal>.
81bd37a8
SS		 1044 </para>
1045 </listitem>
1046 </varlistentry>
1047
1048 <varlistentry>
38422da7 1049 <term><varname>FailOverMACPolicy=</varname></term>
81bd37a8 1050 <listitem>
a8eaaee7
JE		 1051 <para>Specifies whether the active-backup mode should set all slaves to
1052 the same MAC address at the time of enslavement or, when enabled, to perform special handling of the
81bd37a8
SS		 1053 bond's MAC address in accordance with the selected policy. The default policy is none.
1054 Possible values are
1055 <literal>none</literal>,
a8eaaee7
JE		 1056 <literal>active</literal> and
1057 <literal>follow</literal>.
81bd37a8
SS		 1058 </para>
1059 </listitem>
1060 </varlistentry>
1061
1062 <varlistentry>
38422da7 1063 <term><varname>ARPValidate=</varname></term>
81bd37a8
SS		 1064 <listitem>
1065 <para>Specifies whether or not ARP probes and replies should be
38422da7 1066 validated in any mode that supports ARP monitoring, or whether
81bd37a8
SS		 1067 non-ARP traffic should be filtered (disregarded) for link
1068 monitoring purposes. Possible values are
1069 <literal>none</literal>,
1070 <literal>active</literal>,
a8eaaee7
JE		 1071 <literal>backup</literal> and
1072 <literal>all</literal>.
81bd37a8
SS		 1073 </para>
1074 </listitem>
1075 </varlistentry>
1076
1077 <varlistentry>
38422da7 1078 <term><varname>ARPIntervalSec=</varname></term>
81bd37a8
SS		 1079 <listitem>
1080 <para>Specifies the ARP link monitoring frequency in milliseconds.
1081 A value of 0 disables ARP monitoring. The default value is 0.
1082 </para>
1083 </listitem>
1084 </varlistentry>
1085
1086 <varlistentry>
38422da7 1087 <term><varname>ARPIPTargets=</varname></term>
81bd37a8
SS		 1088 <listitem>
1089 <para>Specifies the IP addresses to use as ARP monitoring peers when
38422da7 1090 ARPIntervalSec is greater than 0. These are the targets of the ARP request
81bd37a8 1091 sent to determine the health of the link to the targets.
a8eaaee7 1092 Specify these values in IPv4 dotted decimal format. At least one IP
81bd37a8
SS		 1093 address must be given for ARP monitoring to function. The
1094 maximum number of targets that can be specified is 16. The
1095 default value is no IP addresses.
1096 </para>
1097 </listitem>
1098 </varlistentry>
1099
1100 <varlistentry>
38422da7 1101 <term><varname>ARPAllTargets=</varname></term>
81bd37a8 1102 <listitem>
38422da7 1103 <para>Specifies the quantity of ARPIPTargets that must be reachable
81bd37a8
SS		 1104 in order for the ARP monitor to consider a slave as being up.
1105 This option affects only active-backup mode for slaves with
38422da7 1106 ARPValidate enabled. Possible values are
a8eaaee7
JE		 1107 <literal>any</literal> and
1108 <literal>all</literal>.
81bd37a8
SS		 1109 </para>
1110 </listitem>
1111 </varlistentry>
1112
1113 <varlistentry>
38422da7 1114 <term><varname>PrimaryReselectPolicy=</varname></term>
81bd37a8
SS		 1115 <listitem>
1116 <para>Specifies the reselection policy for the primary slave. This
1117 affects how the primary slave is chosen to become the active slave
1118 when failure of the active slave or recovery of the primary slave
1119 occurs. This option is designed to prevent flip-flopping between
1120 the primary slave and other slaves. Possible values are
1121 <literal>always</literal>,
a8eaaee7
JE		 1122 <literal>better</literal> and
1123 <literal>failure</literal>.
81bd37a8
SS		 1124 </para>
1125 </listitem>
1126 </varlistentry>
1127
1128 <varlistentry>
1129 <term><varname>ResendIGMP=</varname></term>
1130 <listitem>
1131 <para>Specifies the number of IGMP membership reports to be issued after
1132 a failover event. One membership report is issued immediately after
1133 the failover, subsequent packets are sent in each 200ms interval.
b938cb90 1134 The valid range is 0–255. Defaults to 1. A value of 0
81bd37a8
SS		 1135 prevents the IGMP membership report from being issued in response
1136 to the failover event.
1137 </para>
1138 </listitem>
1139 </varlistentry>
1140
1141 <varlistentry>
1142 <term><varname>PacketsPerSlave=</varname></term>
1143 <listitem>
b938cb90
JE		 1144 <para>Specify the number of packets to transmit through a slave before
1145 moving to the next one. When set to 0, then a slave is chosen at
1146 random. The valid range is 0–65535. Defaults to 1. This option
a8eaaee7 1147 only has effect when in balance-rr mode.
81bd37a8
SS		 1148 </para>
1149 </listitem>
1150 </varlistentry>
1151
1152 <varlistentry>
38422da7 1153 <term><varname>GratuitousARP=</varname></term>
81bd37a8
SS		 1154 <listitem>
1155 <para>Specify the number of peer notifications (gratuitous ARPs and
1156 unsolicited IPv6 Neighbor Advertisements) to be issued after a
b938cb90 1157 failover event. As soon as the link is up on the new slave,
81bd37a8
SS		 1158 a peer notification is sent on the bonding device and each
1159 VLAN sub-device. This is repeated at each link monitor interval
38422da7 1160 (ARPIntervalSec or MIIMonitorSec, whichever is active) if the number is
a8eaaee7 1161 greater than 1. The valid range is 0–255. The default value is 1.
38422da7 1162 These options affect only the active-backup mode.
81bd37a8
SS		 1163 </para>
1164 </listitem>
1165 </varlistentry>
1166
1167 <varlistentry>
1168 <term><varname>AllSlavesActive=</varname></term>
1169 <listitem>
a8eaaee7
JE		 1170 <para>A boolean. Specifies that duplicate frames (received on inactive ports)
1171 should be dropped when false, or delivered when true. Normally, bonding will drop
81bd37a8
SS		 1172 duplicate frames (received on inactive ports), which is desirable for
1173 most users. But there are some times it is nice to allow duplicate
1174 frames to be delivered. The default value is false (drop duplicate frames
1175 received on inactive ports).
1176 </para>
1177 </listitem>
1178 </varlistentry>
1179
1180 <varlistentry>
1181 <term><varname>MinLinks=</varname></term>
1182 <listitem>
1183 <para>Specifies the minimum number of links that must be active before
1184 asserting carrier. The default value is 0.
1185 </para>
1186 </listitem>
1187 </varlistentry>
1188
eb64b435
SS		 1189 <varlistentry>
1190 <term><varname>ActiveSlave=</varname></term>
1191 <listitem>
1192 <para>A boolean. Specifies the new active slave. The <literal>ActiveSlave=</literal>
1193 option is only valid for following modes:
1194 <literal>active-backup</literal>,
1195 <literal>balance-alb</literal> and
1196 <literal>balance-tlb</literal>. Defaults to false.
1197 </para>
1198 </listitem>
1199 </varlistentry>
1200
1201 <varlistentry>
1202 <term><varname>PrimarySlave=</varname></term>
1203 <listitem>
1204 <para>A boolean. Specifies which slave is the primary device. The specified
1205 device will always be the active slave while it is available. Only when the
1206 primary is off-line will alternate devices be used. This is useful when
1207 one slave is preferred over another, e.g. when one slave has higher throughput
1208 than another. The <literal>PrimarySlave=</literal> option is only valid for
1209 following modes:
1210 <literal>active-backup</literal>,
1211 <literal>balance-alb</literal> and
1212 <literal>balance-tlb</literal>. Defaults to false.
1213 </para>
1214 </listitem>
1215 </varlistentry>
798d3a52 1216 </variablelist>
81bd37a8
SS		 1217
1218 <para>For more detail information see
1219 <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">
1220 Linux Ethernet Bonding Driver HOWTO</ulink></para>
1221
798d3a52
ZJS		 1222 </refsect1>
1223
1224 <refsect1>
1225 <title>Example</title>
1226 <example>
6c1695be 1227 <title>/etc/systemd/network/25-bridge.netdev</title>
798d3a52
ZJS		 1228
1229 <programlisting>[NetDev]
eac684ef
TG		 1230Name=bridge0
1231Kind=bridge</programlisting>
798d3a52 1232 </example>
eac684ef 1233
798d3a52 1234 <example>
6c1695be 1235 <title>/etc/systemd/network/25-vlan1.netdev</title>
eac684ef 1236
798d3a52 1237 <programlisting>[Match]
eac684ef
TG		 1238Virtualization=no
1239
1240[NetDev]
1241Name=vlan1
1242Kind=vlan
1243
1244[VLAN]
1245Id=1</programlisting>
798d3a52
ZJS		 1246 </example>
1247 <example>
6c1695be 1248 <title>/etc/systemd/network/25-ipip.netdev</title>
798d3a52 1249 <programlisting>[NetDev]
b35a2909
TG		 1250Name=ipip-tun
1251Kind=ipip
1252MTUBytes=1480
1253
1254[Tunnel]
1255Local=192.168.223.238
1256Remote=192.169.224.239
1257TTL=64</programlisting>
798d3a52
ZJS		 1258 </example>
1259 <example>
6c1695be 1260 <title>/etc/systemd/network/25-tap.netdev</title>
798d3a52 1261 <programlisting>[NetDev]
30ae9dfd
SS		 1262Name=tap-test
1263Kind=tap
1264
1265[Tap]
1266MultiQueue=true
1267PacketInfo=true</programlisting> </example>
eac684ef 1268
798d3a52 1269 <example>
6c1695be 1270 <title>/etc/systemd/network/25-sit.netdev</title>
798d3a52 1271 <programlisting>[NetDev]
b35a2909
TG		 1272Name=sit-tun
1273Kind=sit
1274MTUBytes=1480
1275
1276[Tunnel]
1277Local=10.65.223.238
1278Remote=10.65.223.239</programlisting>
798d3a52 1279 </example>
eac684ef 1280
798d3a52 1281 <example>
6c1695be 1282 <title>/etc/systemd/network/25-gre.netdev</title>
798d3a52 1283 <programlisting>[NetDev]
b35a2909
TG		 1284Name=gre-tun
1285Kind=gre
1286MTUBytes=1480
1287
1288[Tunnel]
1289Local=10.65.223.238
1290Remote=10.65.223.239</programlisting>
798d3a52 1291 </example>
b35a2909 1292
798d3a52 1293 <example>
6c1695be 1294 <title>/etc/systemd/network/25-vti.netdev</title>
b35a2909 1295
798d3a52 1296 <programlisting>[NetDev]
b35a2909
TG		 1297Name=vti-tun
1298Kind=vti
1299MTUBytes=1480
1300
1301[Tunnel]
1302Local=10.65.223.238
1303Remote=10.65.223.239</programlisting>
798d3a52 1304 </example>
b35a2909 1305
798d3a52 1306 <example>
6c1695be 1307 <title>/etc/systemd/network/25-veth.netdev</title>
798d3a52 1308 <programlisting>[NetDev]
b35a2909
TG		 1309Name=veth-test
1310Kind=veth
1311
1312[Peer]
1313Name=veth-peer</programlisting>
798d3a52 1314 </example>
b35a2909 1315
d94facdc 1316 <example>
6c1695be 1317 <title>/etc/systemd/network/25-bond.netdev</title>
d94facdc
MH		 1318 <programlisting>[NetDev]
1319Name=bond1
1320Kind=bond
1321
1322[Bond]
1323Mode=802.3ad
1324TransmitHashPolicy=layer3+4
1325MIIMonitorSec=1s
1326LACPTransmitRate=fast
1327</programlisting>
1328 </example>
1329
798d3a52 1330 <example>
6c1695be 1331 <title>/etc/systemd/network/25-dummy.netdev</title>
798d3a52 1332 <programlisting>[NetDev]
9e358851
TG		 1333Name=dummy-test
1334Kind=dummy
1335MACAddress=12:34:56:78:9a:bc</programlisting>
798d3a52 1336 </example>
20897a0d
AR		 1337 <example>
1338 <title>/etc/systemd/network/25-vrf.netdev</title>
037a3ded 1339 <para>Create a VRF interface with table 42.</para>
20897a0d
AR		 1340 <programlisting>[NetDev]
1341Name=vrf-test
1342Kind=vrf
798d3a52 1343
20897a0d
AR		 1344[VRF]
1345TableId=42</programlisting>
1346 </example>
42125eda
SS		 1347
1348 <example>
1349 <title>/etc/systemd/network/25-macvtap.netdev</title>
1350 <para>Create a MacVTap device.</para>
1351 <programlisting>[NetDev]
1352Name=macvtap-test
1353Kind=macvtap
1354 </programlisting>
1355 </example>
798d3a52
ZJS		 1356 </refsect1>
1357 <refsect1>
1358 <title>See Also</title>
1359 <para>
1360 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1361 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1362 <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1363 <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1364 </para>
1365 </refsect1>
eac684ef
TG		 1366
1367</refentry>
Unnamed repository; edit this file 'description' to name the repository.