]> git.ipfire.org Git - thirdparty/systemd.git/blob - man/systemd.network.xml
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #704 from richardmaw-codethink/empty-arg-unquote
[thirdparty/systemd.git] / man / systemd.network.xml
1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4
5 <!--
6 This file is part of systemd.
7
8 Copyright 2013 Tom Gundersen
9
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 -->
23
24 <refentry id="systemd.network" conditional='ENABLE_NETWORKD'>
25
26 <refentryinfo>
27 <title>systemd.network</title>
28 <productname>systemd</productname>
29
30 <authorgroup>
31 <author>
32 <contrib>Developer</contrib>
33 <firstname>Tom</firstname>
34 <surname>Gundersen</surname>
35 <email>teg@jklm.no</email>
36 </author>
37 </authorgroup>
38 </refentryinfo>
39
40 <refmeta>
41 <refentrytitle>systemd.network</refentrytitle>
42 <manvolnum>5</manvolnum>
43 </refmeta>
44
45 <refnamediv>
46 <refname>systemd.network</refname>
47 <refpurpose>Network configuration</refpurpose>
48 </refnamediv>
49
50 <refsynopsisdiv>
51 <para><filename><replaceable>network</replaceable>.network</filename></para>
52 </refsynopsisdiv>
53
54 <refsect1>
55 <title>Description</title>
56
57 <para>Network setup is performed by
58 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
59 </para>
60
61 <para>Network files must have the extension
62 <filename>.network</filename>; other extensions are ignored.
63 Networks are applied to links whenever the links appear.</para>
64
65 <para>The <filename>.network</filename> files are read from the
66 files located in the system network directory
67 <filename>/usr/lib/systemd/network</filename>, the volatile
68 runtime network directory
69 <filename>/run/systemd/network</filename> and the local
70 administration network directory
71 <filename>/etc/systemd/network</filename>. All configuration files
72 are collectively sorted and processed in lexical order, regardless
73 of the directories in which they live. However, files with
74 identical filenames replace each other. Files in
75 <filename>/etc</filename> have the highest priority, files in
76 <filename>/run</filename> take precedence over files with the same
77 name in <filename>/usr/lib</filename>. This can be used to
78 override a system-supplied configuration file with a local file if
79 needed; a symlink in <filename>/etc</filename> with the same name
80 as a configuration file in <filename>/usr/lib</filename>, pointing
81 to <filename>/dev/null</filename>, disables the configuration file
82 entirely.</para>
83
84 </refsect1>
85
86 <refsect1>
87 <title>[Match] Section Options</title>
88
89 <para>The network file contains a <literal>[Match]</literal>
90 section, which determines if a given network file may be applied
91 to a given device; and a <literal>[Network]</literal> section
92 specifying how the device should be configured. The first (in
93 lexical order) of the network files that matches a given device
94 is applied, all later files are ignored, even if they match as
95 well.</para>
96
97 <para>A network file is said to match a device if each of the
98 entries in the <literal>[Match]</literal> section matches, or if
99 the section is empty. The following keys are accepted:</para>
100
101 <variablelist class='network-directives'>
102 <varlistentry>
103 <term><varname>MACAddress=</varname></term>
104 <listitem>
105 <para>The hardware address.</para>
106 </listitem>
107 </varlistentry>
108 <varlistentry>
109 <term><varname>Path=</varname></term>
110 <listitem>
111 <para>A whitespace-separated list of shell-style globs
112 matching the persistent path, as exposed by the udev
113 property <literal>ID_PATH</literal>.</para>
114 </listitem>
115 </varlistentry>
116 <varlistentry>
117 <term><varname>Driver=</varname></term>
118 <listitem>
119 <para>A whitespace-separated list of shell-style globs
120 matching the driver currently bound to the device, as
121 exposed by the udev property <literal>DRIVER</literal>
122 of its parent device, or if that is not set the driver
123 as exposed by <literal>ethtool -i</literal> of the
124 device itself.</para>
125 </listitem>
126 </varlistentry>
127 <varlistentry>
128 <term><varname>Type=</varname></term>
129 <listitem>
130 <para>A whitespace-separated list of shell-style globs
131 matching the device type, as exposed by the udev property
132 <literal>DEVTYPE</literal>.</para>
133 </listitem>
134 </varlistentry>
135 <varlistentry>
136 <term><varname>Name=</varname></term>
137 <listitem>
138 <para>A whitespace-separated list of shell-style globs
139 matching the device name, as exposed by the udev property
140 <literal>INTERFACE</literal>.</para>
141 </listitem>
142 </varlistentry>
143 <varlistentry>
144 <term><varname>Host=</varname></term>
145 <listitem>
146 <para>Matches against the hostname or machine ID of the
147 host. See <literal>ConditionHost=</literal> in
148 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
149 for details.
150 </para>
151 </listitem>
152 </varlistentry>
153 <varlistentry>
154 <term><varname>Virtualization=</varname></term>
155 <listitem>
156 <para>Checks whether the system is executed in a virtualized
157 environment and optionally test whether it is a specific
158 implementation. See <literal>ConditionVirtualization=</literal> in
159 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
160 for details.
161 </para>
162 </listitem>
163 </varlistentry>
164 <varlistentry>
165 <term><varname>KernelCommandLine=</varname></term>
166 <listitem>
167 <para>Checks whether a specific kernel command line option is
168 set (or if prefixed with the exclamation mark unset). See
169 <literal>ConditionKernelCommandLine=</literal> in
170 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
171 for details.
172 </para>
173 </listitem>
174 </varlistentry>
175 <varlistentry>
176 <term><varname>Architecture=</varname></term>
177 <listitem>
178 <para>Checks whether the system is running on a specific
179 architecture. See <literal>ConditionArchitecture=</literal> in
180 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
181 for details.
182 </para>
183 </listitem>
184 </varlistentry>
185 </variablelist>
186
187 </refsect1>
188
189 <refsect1>
190 <title>[Link] Section Options</title>
191
192 <para> The <literal>[Link]</literal> section accepts the following keys:</para>
193
194 <variablelist class='network-directives'>
195 <varlistentry>
196 <term><varname>MACAddress=</varname></term>
197 <listitem>
198 <para>The hardware address.</para>
199 </listitem>
200 </varlistentry>
201 <varlistentry>
202 <term><varname>MTUBytes=</varname></term>
203 <listitem>
204 <para>The maximum transmission unit in bytes to set for the
205 device. The usual suffixes K, M, G, are supported and are
206 understood to the base of 1024.</para>
207 </listitem>
208 </varlistentry>
209 </variablelist>
210 </refsect1>
211
212 <refsect1>
213 <title>[Network] Section Options</title>
214
215 <para>The <literal>[Network]</literal> section accepts the following keys:</para>
216
217 <variablelist class='network-directives'>
218 <varlistentry>
219 <term><varname>Description=</varname></term>
220 <listitem>
221 <para>A description of the device. This is only used for
222 presentation purposes.</para>
223 </listitem>
224 </varlistentry>
225 <varlistentry>
226 <term><varname>DHCP=</varname></term>
227 <listitem>
228 <para>Enables DHCPv4 and/or DHCPv6 support. Accepts
229 <literal>yes</literal>, <literal>no</literal>,
230 <literal>ipv4</literal>, or <literal>ipv6</literal>.</para>
231
232 <para>Please note that by default the domain name
233 specified through DHCP is not used for name resolution.
234 See option <option>UseDomains=</option> below.</para>
235 </listitem>
236 </varlistentry>
237 <varlistentry>
238 <term><varname>DHCPServer=</varname></term>
239 <listitem>
240 <para>A boolean. Enables a basic DHCPv4 server on the
241 device. Mostly useful for handing out leases to container
242 instances.</para>
243 </listitem>
244 </varlistentry>
245 <varlistentry>
246 <term><varname>LinkLocalAddressing=</varname></term>
247 <listitem>
248 <para>Enables link-local address autoconfiguration. Accepts
249 <literal>yes</literal>, <literal>no</literal>,
250 <literal>ipv4</literal>, or <literal>ipv6</literal>. Defaults to
251 <literal>ipv6</literal>.</para>
252 </listitem>
253 </varlistentry>
254 <varlistentry>
255 <term><varname>IPv4LLRoute=</varname></term>
256 <listitem>
257 <para>A boolean. When true, sets up the route needed for
258 non-IPv4LL hosts to communicate with IPv4LL-only hosts. Defaults
259 to false.
260 </para>
261 </listitem>
262 </varlistentry>
263 <varlistentry>
264 <term><varname>IPv6Token=</varname></term>
265 <listitem>
266 <para>An IPv6 address with the top 64 bits unset. When set, indicates the
267 64 bits interface part of SLAAC IPv6 addresses for this link. By default
268 it is autogenerated.</para>
269 </listitem>
270 </varlistentry>
271 <varlistentry>
272 <term><varname>LLMNR=</varname></term>
273 <listitem>
274 <para>A boolean or <literal>resolve</literal>. When true, enables
275 Link-Local Multicast Name Resolution on the link, when set to
276 <literal>resolve</literal> only resolution is enabled, but not
277 announcement. Defaults to true.</para>
278 </listitem>
279 </varlistentry>
280 <varlistentry>
281 <term><varname>LLDP=</varname></term>
282 <listitem>
283 <para>A boolean. When true, enables LLDP link receive support.
284 </para>
285 </listitem>
286 </varlistentry>
287 <varlistentry>
288 <term><varname>BindCarrier=</varname></term>
289 <listitem>
290 <para>A port or a list of ports. When set, controls the
291 behaviour of the current interface. When all ports in the list
292 are in an operational down state, the current interface is brought
293 down. When at least one port has carrier, the current interface
294 is brought up.
295 </para>
296 </listitem>
297 </varlistentry>
298 <varlistentry>
299 <term><varname>Address=</varname></term>
300 <listitem>
301 <para>A static IPv4 or IPv6 address and its prefix length,
302 separated by a <literal>/</literal> character. Specify
303 this key more than once to configure several addresses.
304 The format of the address must be as described in
305 <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
306 This is a short-hand for an [Address] section only
307 containing an Address key (see below). This option may be
308 specified more than once.
309 </para>
310
311 <para>If the specified address is 0.0.0.0 (for IPv4) or
312 [::] (for IPv6), a new address range of the requested size
313 is automatically allocated from a system-wide pool of
314 unused ranges. The allocated range is checked against all
315 current network interfaces and all known network
316 configuration files to avoid address range conflicts. The
317 default system-wide pool consists of 192.168.0.0/16,
318 172.16.0.0/12 and 10.0.0.0/8 for IPv4, and fc00::/7 for
319 IPv6. This functionality is useful to manage a large
320 number of dynamically created network interfaces with the
321 same network configuration and automatic address range
322 assignment.</para>
323
324 </listitem>
325 </varlistentry>
326 <varlistentry>
327 <term><varname>Gateway=</varname></term>
328 <listitem>
329 <para>The gateway address, which must be in the format
330 described in
331 <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
332 This is a short-hand for a [Route] section only containing
333 a Gateway key. This option may be specified more than
334 once.</para>
335 </listitem>
336 </varlistentry>
337 <varlistentry>
338 <term><varname>DNS=</varname></term>
339 <listitem>
340 <para>A DNS server address, which must be in the format
341 described in
342 <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
343 This option may be specified more than once.</para>
344 </listitem>
345 </varlistentry>
346 <varlistentry>
347 <term><varname>Domains=</varname></term>
348 <listitem>
349 <para>The domains used for DNS resolution over this link.</para>
350 </listitem>
351 </varlistentry>
352 <varlistentry>
353 <term><varname>NTP=</varname></term>
354 <listitem>
355 <para>An NTP server address. This option may be specified more than once.</para>
356 </listitem>
357 </varlistentry>
358 <varlistentry>
359 <term><varname>IPForward=</varname></term>
360 <listitem><para>Configures IP forwarding for the network
361 interface. If enabled incoming packets on the network
362 interface will be forwarded to other interfaces according to
363 the routing table. Takes either a boolean argument, or the
364 values <literal>ipv4</literal> or <literal>ipv6</literal>,
365 which only enables IP forwarding for the specified address
366 family, or <literal>kernel</literal>, which preserves existing sysctl settings.
367 This controls the
368 <filename>net.ipv4.conf.&lt;interface&gt;.forwarding</filename>
369 and
370 <filename>net.ipv6.conf.&lt;interface&gt;.forwarding</filename>
371 sysctl options of the network interface (see <ulink
372 url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt</ulink>
373 for details about sysctl options). Defaults to
374 <literal>no</literal>.</para>
375
376 <para>Note: unless this option is turned on, or set to <literal>kernel</literal>,
377 no IP forwarding is done on this interface, even if this is
378 globally turned on in the kernel, with the
379 <filename>net.ipv4.ip_forward</filename>,
380 <filename>net.ipv4.conf.all.forwarding</filename>, and
381 <filename>net.ipv6.conf.all.forwarding</filename> sysctl
382 options.</para>
383 </listitem>
384 </varlistentry>
385 <varlistentry>
386 <term><varname>IPMasquerade=</varname></term>
387 <listitem><para>Configures IP masquerading for the network
388 interface. If enabled packets forwarded from the network
389 interface will be appear as coming from the local host.
390 Takes a boolean argument. Implies
391 <varname>IPForward=ipv4</varname>. Defaults to
392 <literal>no</literal>.</para></listitem>
393 </varlistentry>
394 <varlistentry>
395 <term><varname>IPv6PrivacyExtensions=</varname></term>
396 <listitem><para>Configures use of stateless temporary
397 addresses that change over time (see <ulink
398 url="https://tools.ietf.org/html/rfc4941">RFC 4941</ulink>,
399 Privacy Extensions for Stateless Address Autoconfiguration
400 in IPv6). Takes a boolean or the special values
401 <literal>prefer-public</literal> and
402 <literal>kernel</literal>. When true enables the privacy
403 extensions and prefers temporary addresses over public
404 addresses. When <literal>prefer-public</literal> enables the
405 privacy extensions, but prefers public addresses over
406 temporary addresses. When false, the privacy extensions
407 remain disabled. When <literal>kernel</literal> the kernel's
408 default setting will be left in place. Defaults to
409 <literal>no</literal>.</para></listitem>
410 </varlistentry>
411 <varlistentry>
412 <term><varname>Bridge=</varname></term>
413 <listitem>
414 <para>The name of the bridge to add the link to.</para>
415 </listitem>
416 </varlistentry>
417 <varlistentry>
418 <term><varname>Bond=</varname></term>
419 <listitem>
420 <para>The name of the bond to add the link to.</para>
421 </listitem>
422 </varlistentry>
423 <varlistentry>
424 <term><varname>VLAN=</varname></term>
425 <listitem>
426 <para>The name of a VLAN to create on the link. This
427 option may be specified more than once.</para>
428 </listitem>
429 </varlistentry>
430 <varlistentry>
431 <term><varname>MACVLAN=</varname></term>
432 <listitem>
433 <para>The name of a MACVLAN to create on the link. This
434 option may be specified more than once.</para>
435 </listitem>
436 </varlistentry>
437 <varlistentry>
438 <term><varname>VXLAN=</varname></term>
439 <listitem>
440 <para>The name of a VXLAN to create on the link. This
441 option may be specified more than once.</para>
442 </listitem>
443 </varlistentry>
444 <varlistentry>
445 <term><varname>Tunnel=</varname></term>
446 <listitem>
447 <para>The name of a Tunnel to create on the link. This
448 option may be specified more than once.</para>
449 </listitem>
450 </varlistentry>
451 </variablelist>
452
453 </refsect1>
454
455 <refsect1>
456 <title>[Address] Section Options</title>
457
458 <para>An <literal>[Address]</literal> section accepts the
459 following keys. Specify several <literal>[Address]</literal>
460 sections to configure several addresses.</para>
461
462 <variablelist class='network-directives'>
463 <varlistentry>
464 <term><varname>Address=</varname></term>
465 <listitem>
466 <para>As in the <literal>[Network]</literal> section. This
467 key is mandatory.</para>
468 </listitem>
469 </varlistentry>
470 <varlistentry>
471 <term><varname>Peer=</varname></term>
472 <listitem>
473 <para>The peer address in a point-to-point connection.
474 Accepts the same format as the <literal>Address</literal>
475 key.</para>
476 </listitem>
477 </varlistentry>
478 <varlistentry>
479 <term><varname>Broadcast=</varname></term>
480 <listitem>
481 <para>The broadcast address, which must be in the format
482 described in
483 <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
484 This key only applies to IPv4 addresses. If it is not
485 given, it is derived from the <literal>Address</literal>
486 key.</para>
487 </listitem>
488 </varlistentry>
489 <varlistentry>
490 <term><varname>Label=</varname></term>
491 <listitem>
492 <para>An address label.</para>
493 </listitem>
494 </varlistentry>
495 </variablelist>
496 </refsect1>
497
498 <refsect1>
499 <title>[Route] Section Options</title>
500 <para>The <literal>[Route]</literal> section accepts the
501 following keys. Specify several <literal>[Route]</literal>
502 sections to configure several routes.</para>
503
504 <variablelist class='network-directives'>
505 <varlistentry>
506 <term><varname>Gateway=</varname></term>
507 <listitem>
508 <para>As in the <literal>[Network]</literal> section.</para>
509 </listitem>
510 </varlistentry>
511 <varlistentry>
512 <term><varname>Destination=</varname></term>
513 <listitem>
514 <para>The destination prefix of the route. Possibly
515 followed by a slash and the prefixlength. If omitted, a
516 full-length host route is assumed.</para>
517 </listitem>
518 </varlistentry>
519 <varlistentry>
520 <term><varname>Source=</varname></term>
521 <listitem>
522 <para>The source prefix of the route. Possibly followed by
523 a slash and the prefixlength. If omitted, a full-length
524 host route is assumed.</para>
525 </listitem>
526 </varlistentry>
527 <varlistentry>
528 <term><varname>Metric=</varname></term>
529 <listitem>
530 <para>The metric of the route. An unsigned integer</para>
531 </listitem>
532 </varlistentry>
533 <varlistentry>
534 <term><varname>Scope=</varname></term>
535 <listitem>
536 <para>The scope of the route. One of the values <literal>global</literal>,
537 <literal>link</literal> or <literal>host</literal>. Defaults to
538 <literal>global</literal>.</para>
539 </listitem>
540 </varlistentry>
541 </variablelist>
542 </refsect1>
543
544 <refsect1>
545 <title>[DHCP] Section Options</title>
546 <para>The <literal>[DHCP]</literal> section accepts the following keys:</para>
547
548 <variablelist class='network-directives'>
549 <varlistentry>
550 <term><varname>UseDNS=</varname></term>
551 <listitem>
552 <para>When true (the default), the DNS servers received
553 from the DHCP server will be used and take precedence over
554 any statically configured ones.</para>
555
556 <para>This corresponds to the <option>nameserver</option>
557 option in <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
558 </listitem>
559 </varlistentry>
560 <varlistentry>
561 <term><varname>UseNTP=</varname></term>
562 <listitem>
563 <para>When true (the default), the NTP servers received
564 from the DHCP server will be used by systemd-timesyncd
565 and take precedence over any statically configured ones.</para>
566 </listitem>
567 </varlistentry>
568 <varlistentry>
569 <term><varname>UseMTU=</varname></term>
570 <listitem>
571 <para>When true, the interface maximum transmission unit
572 from the DHCP server will be used on the current link.
573 Defaults to false.</para>
574 </listitem>
575 </varlistentry>
576 <varlistentry>
577 <term><varname>SendHostname=</varname></term>
578 <listitem>
579 <para>When true (the default), the machine's hostname will be sent to the DHCP
580 server</para>
581 </listitem>
582 </varlistentry>
583 <varlistentry>
584 <term><varname>UseHostname=</varname></term>
585 <listitem>
586 <para>When true (the default), the hostname received from
587 the DHCP server will be used as the transient
588 hostname.</para>
589 </listitem>
590 </varlistentry>
591 <varlistentry>
592 <term><varname>Hostname=</varname></term>
593 <listitem>
594 <para>Hostname is a option to override the machine's hostname that will be sent to the DHCP server</para>
595 </listitem>
596 </varlistentry>
597 <varlistentry>
598 <term><varname>UseDomains=</varname></term>
599 <listitem>
600 <para>When true (not the default), the domain name
601 received from the DHCP server will be used for DNS
602 resolution over this link. When a name cannot be resolved
603 as specified, the domain name will be used a suffix and
604 name resolution of that will be attempted.</para>
605
606 <para>This corresponds to the <option>domain</option>
607 option in <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
608 and should not be enabled on untrusted networks.</para>
609 </listitem>
610 </varlistentry>
611 <varlistentry>
612 <term><varname>UseRoutes=</varname></term>
613 <listitem>
614 <para>When true (the default), the static routes will be
615 requested from the DHCP server and added to the routing
616 table with metric of 1024.</para>
617 </listitem>
618 </varlistentry>
619 <varlistentry>
620 <term><varname>CriticalConnection=</varname></term>
621 <listitem>
622 <para>When true, the connection will never be torn down
623 even if the DHCP lease expires. This is contrary to the
624 DHCP specification, but may be the best choice if, say,
625 the root filesystem relies on this connection. Defaults to
626 false.</para>
627 </listitem>
628 </varlistentry>
629 <varlistentry>
630 <term><varname>ClientIdentifier=</varname></term>
631 <listitem>
632 <para>DHCP client identifier to use. Either <literal>mac</literal>
633 to use the MAC address of the link or <literal>duid</literal>
634 (the default) to use a RFC4361-compliant Client ID.</para>
635 </listitem>
636 </varlistentry>
637 <varlistentry>
638 <term><varname>VendorClassIdentifier=</varname></term>
639 <listitem>
640 <para>The vendor class identifier used to identify vendor
641 type and configuration.</para>
642 </listitem>
643 </varlistentry>
644 <varlistentry>
645 <term><varname>RequestBroadcast=</varname></term>
646 <listitem>
647 <para>Request the server to use broadcast messages before
648 the IP address has been configured. This is necessary for
649 devices that cannot receive RAW packets, or that cannot
650 receive packets at all before an IP address has been
651 configured. On the other hand, this must not be enabled on
652 networks where broadcasts are filtered out.</para>
653 </listitem>
654 </varlistentry>
655 <varlistentry>
656 <term><varname>RouteMetric=</varname></term>
657 <listitem>
658 <para>Set the routing metric for routes specified by the
659 DHCP server.</para>
660 </listitem>
661 </varlistentry>
662 </variablelist>
663
664 </refsect1>
665
666 <refsect1>
667 <title>[Bridge] Section Options</title>
668 <para>The <literal>[Bridge]</literal> section accepts the
669 following keys.</para>
670 <variablelist class='network-directives'>
671 <varlistentry>
672 <term><varname>UnicastFlood=</varname></term>
673 <listitem>
674 <para>A boolean. UnicastFlood configures whether a given port will flood
675 unicast traffic for which there is no FDB entry. By default this
676 flag is off.</para>
677 </listitem>
678 </varlistentry>
679 <varlistentry>
680 <term><varname>HairPin=</varname></term>
681 <listitem>
682 <para> A boolean. Configures whether traffic may be send back
683 out of the port on which it was received. By default, this
684 flag is false. and the bridge will not forward traffic back
685 out of the receiving port. By default the flag is off.</para>
686 </listitem>
687 </varlistentry>
688 <varlistentry>
689 <term><varname>BPDUGuard=</varname></term>
690 <listitem>
691 <para> A boolean. Configures whether STP Bridge Protocol Data Units will be
692 processed by the bridge port. By default, the flag is false allowing BPDU
693 processing. Turning this flag on will cause the port to stop processing
694 STP Bridge Protocol Data Units. By default the flag is off.</para>
695 </listitem>
696 </varlistentry>
697 <varlistentry>
698 <term><varname>FastLeave=</varname></term>
699 <listitem>
700 <para> A boolean. This flag allows the bridge to immediately stop multicast
701 traffic on a port that receives IGMP Leave message. It is only used with
702 IGMP snooping if enabled on the bridge. By default the flag is off.</para>
703 </listitem>
704 </varlistentry>
705 <varlistentry>
706 <term><varname>RootBlock=</varname></term>
707 <listitem>
708 <para> A boolean. Configures whether a given port is allowed to
709 become root port or not. Only used when STP is enabled on the bridge.
710 By default the flag is off.</para>
711 </listitem>
712 </varlistentry>
713 <varlistentry>
714 <term><varname>Cost=</varname></term>
715 <listitem>
716 <para>Each port in a bridge may have different speed. Cost
717 is used to decide which link to use. Faster interfaces
718 should have lower costs</para>
719 </listitem>
720 </varlistentry>
721 </variablelist>
722 </refsect1>
723 <refsect1>
724 <title>[BridgeFDB] Section Options</title>
725 <para>The <literal>[BridgeFDB]</literal> section manages the
726 forwarding database table of a port and accepts the following
727 keys. Specify several <literal>[BridgeFDB]</literal> sections to
728 configure several static MAC table entries.</para>
729
730 <variablelist class='network-directives'>
731 <varlistentry>
732 <term><varname>MACAddress=</varname></term>
733 <listitem>
734 <para>As in the <literal>[Network]</literal> section. This
735 key is mandatory.</para>
736 </listitem>
737 </varlistentry>
738 <varlistentry>
739 <term><varname>VLANId=</varname></term>
740 <listitem>
741 <para>The VLAN Id for the new static MAC table entry. If
742 omitted, no VLAN Id info is appended to the new static MAC
743 table entry.</para>
744 </listitem>
745 </varlistentry>
746 </variablelist>
747 </refsect1>
748
749 <refsect1>
750 <title>Example</title>
751 <example>
752 <title>/etc/systemd/network/50-static.network</title>
753
754 <programlisting>[Match]
755 Name=enp2s0
756
757 [Network]
758 Address=192.168.0.15/24
759 Gateway=192.168.0.1</programlisting>
760 </example>
761
762 <example>
763 <title>/etc/systemd/network/80-dhcp.network</title>
764
765 <programlisting>[Match]
766 Name=en*
767
768 [Network]
769 DHCP=yes</programlisting>
770 </example>
771
772 <example>
773 <title>/etc/systemd/network/bridge-static.network</title>
774
775 <programlisting>[Match]
776 Name=bridge0
777
778 [Network]
779 Address=192.168.0.15/24
780 Gateway=192.168.0.1
781 DNS=192.168.0.1</programlisting>
782 </example>
783
784 <example>
785 <title>/etc/systemd/network/bridge-slave-interface.network</title>
786
787 <programlisting>[Match]
788 Name=enp2s0
789
790 [Network]
791 Bridge=bridge0</programlisting>
792 </example>
793 <example>
794 <title>/etc/systemd/network/ipip.network</title>
795
796 <programlisting>[Match]
797 Name=em1
798
799 [Network]
800 Tunnel=ipip-tun</programlisting>
801 </example>
802
803 <example>
804 <title>/etc/systemd/network/sit.network</title>
805
806 <programlisting>[Match]
807 Name=em1
808
809 [Network]
810 Tunnel=sit-tun</programlisting>
811 </example>
812
813 <example>
814 <title>/etc/systemd/network/gre.network</title>
815
816 <programlisting>[Match]
817 Name=em1
818
819 [Network]
820 Tunnel=gre-tun</programlisting>
821 </example>
822
823 <example>
824 <title>/etc/systemd/network/vti.network</title>
825
826 <programlisting>[Match]
827 Name=em1
828
829 [Network]
830 Tunnel=vti-tun</programlisting>
831 </example>
832 </refsect1>
833
834 <refsect1>
835 <title>See Also</title>
836 <para>
837 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
838 <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
839 <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
840 <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
841 </para>
842 </refsect1>
843
844 </refentry>
Unnamed repository; edit this file 'description' to name the repository.