"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
+ SPDX-License-Identifier: LGPL-2.1+
+
This file is part of systemd.
Copyright 2013 Tom Gundersen
controlled by other applications.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>RequiredForOnline=</varname></term>
+ <listitem>
+ <para>A boolean. When <literal>yes</literal>, the network is deemed
+ required when determining whether the system is online when running
+ <literal>systemd-networkd-wait-online</literal>.
+ When <literal>no</literal>, the network is ignored when checking for
+ online state. Defaults to <literal>yes</literal>.</para>
+ <para>The network will be brought up normally in all cases, but in
+ the event that there is no address being assigned by DHCP or the
+ cable is not plugged in, the link will simply remain offline and be
+ skipped automatically by <literal>systemd-networkd-wait-online</literal>
+ if <literal>RequiredForOnline=true</literal>.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<option>IPv6ProxyNDP</option> has been set to false. Defaults to unset.
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv6PrefixDelegation=</varname></term>
+ <listitem><para>Whether to enable or disable Router Advertisement sending on a link.
+ Defaults to <literal>false</literal>. See the <literal>[IPv6PrefixDelegation]</literal>
+ and the <literal>[IPv6Prefix]</literal> sections for configuration options.
+ </para></listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Bridge=</varname></term>
<listitem>
</variablelist>
</refsect1>
+ <refsect1>
+ <title>[RoutingPolicyRule] Section Options</title>
+
+ <para>An <literal>[RoutingPolicyRule]</literal> section accepts the
+ following keys. Specify several <literal>[RoutingPolicyRule]</literal>
+ sections to configure several rules.</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>TypeOfService=</varname></term>
+ <listitem>
+ <para>Specifies the type of service to match a number between 0 to 255.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>From=</varname></term>
+ <listitem>
+ <para>Specifies the source address prefix to match. Possibly followed by a slash and the prefix length.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>To=</varname></term>
+ <listitem>
+ <para>Specifies the destination address prefix to match. Possibly followed by a slash and the prefix length.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>FirewallMark=</varname></term>
+ <listitem>
+ <para>Specifies the iptables firewall mark value to match (a number between 1 and 4294967295).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Table=</varname></term>
+ <listitem>
+ <para>Specifies the routing table identifier to lookup if the rule
+ selector matches. The table identifier for a route (a number between 1 and 4294967295).</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Priority=</varname></term>
+ <listitem>
+ <para>Specifies the priority of this rule. <varname>Priority=</varname> is an unsigned
+ integer. Higher number means lower priority, and rules get processed in order of increasing number.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>IncomingInterface=</varname></term>
+ <listitem>
+ <para>Specifies incoming device to match. If the interface is loopback, the rule only matches packets originating from this host.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>OutgoingInterface=</varname></term>
+ <listitem>
+ <para>Specifies the outgoing device to match. The outgoing interface is only available for packets originating from local sockets that are bound to a device.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
<refsect1>
<title>[Route] Section Options</title>
<para>The <literal>[Route]</literal> section accepts the
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Type=</varname></term>
+ <listitem>
+ <para>The Type identifier for special route types, which can be
+ <literal>unicast</literal> route to a destination network address which describes the path to the destination,
+ <literal>blackhole</literal> packets are discarded silently,
+ <literal>unreachable</literal> packets are discarded and the ICMP message host unreachable is generated,
+ <literal>prohibit</literal> packets are discarded and the ICMP message communication administratively
+ prohibited is generated. Defaults to <literal>unicast</literal>.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</refsect1>
<para>The table identifier for DHCP routes (a number between 1 and 4294967295, or 0 to unset).
The table can be retrieved using <command>ip route show table <replaceable>num</replaceable></command>.
</para>
+ <para>When used in combination with <varname>VRF=</varname> the
+ VRF's routing table is used unless this parameter is specified.
+ </para>
</listitem>
</varlistentry>
</refsect1>
<refsect1>
+ <title>[IPv6PrefixDelegation] Section Options</title>
+ <para>The <literal>[IPv6PrefixDelegation]</literal> section contains
+ settings for sending IPv6 Router Advertisements and whether to act as
+ a router, if enabled via the <varname>IPv6PrefixDelegation=</varname>
+ option described above. IPv6 network prefixes are defined with one or
+ more <literal>[IPv6Prefix]</literal> sections.</para>
+
+ <variablelist class='network-directives'>
+
+ <varlistentry>
+ <term><varname>Managed=</varname></term>
+ <term><varname>OtherInformation=</varname></term>
+
+ <listitem><para>Controls whether a DHCPv6 server is used to acquire IPv6
+ addresses on the network link when <varname>Managed=</varname> boolean
+ is set to <literal>true</literal> or if only additional network
+ information can be obtained via DHCPv6 for the network link when
+ <varname>OtherInformation=</varname> boolean is set to
+ <literal>true</literal>. Both settings default to
+ <literal>false</literal>, which means that a DHCPv6 server is not being
+ used.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouterLifetimeSec=</varname></term>
+
+ <listitem><para>Configures the IPv6 router lifetime in seconds. If set,
+ this host also announces itself in Router Advertisements as an IPv6
+ router for the network link. Defaults to unset, which means the host is
+ not acting as a router.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RouterPreference=</varname></term>
+
+ <listitem><para>Configures IPv6 router preference if
+ <varname>RouterLifetimeSec=</varname> is non-zero. Valid values are
+ <literal>high</literal>, <literal>medium</literal> and
+ <literal>low</literal>, with <literal>normal</literal> and
+ <literal>default</literal> added as synonyms for
+ <literal>medium</literal> just to make configuration easier. See
+ <ulink url="https://tools.ietf.org/html/rfc4191">RFC 4191</ulink>
+ for details. Defaults to <literal>medium</literal>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>EmitDNS=</varname></term>
+ <term><varname>DNS=</varname></term>
+
+ <listitem><para><varname>DNS=</varname> specifies a list of recursive
+ DNS server IPv6 addresses that distributed via Router Advertisement
+ messages when <varname>EmitDNS=</varname> is true. If <varname>DNS=
+ </varname> is empty, DNS servers are read from the
+ <literal>[Network]</literal> section. If the
+ <literal>[Network]</literal> section does not contain any DNS servers
+ either, DNS servers from the uplink with the highest priority default
+ route are used. When <varname>EmitDNS=</varname> is false, no DNS server
+ information is sent in Router Advertisement messages.
+ <varname>EmitDNS=</varname> defaults to true.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>EmitDomains=</varname></term>
+ <term><varname>Domains=</varname></term>
+
+ <listitem><para>A list of DNS search domains distributed via Router
+ Advertisement messages when <varname>EmitDomains=</varname> is true. If
+ <varname>Domains=</varname> is empty, DNS search domains are read from the
+ <literal>[Network]</literal> section. If the <literal>[Network]</literal>
+ section does not contain any DNS search domains either, DNS search
+ domains from the uplink with the highest priority default route are
+ used. When <varname>EmitDomains=</varname> is false, no DNS search domain
+ information is sent in Router Advertisement messages.
+ <varname>EmitDomains=</varname> defaults to true.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>DNSLifetimeSec=</varname></term>
+
+ <listitem><para>Lifetime in seconds for the DNS server addresses listed
+ in <varname>DNS=</varname> and search domains listed in
+ <varname>Domains=</varname>.</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>[IPv6Prefix] Section Options</title>
+ <para>One or more <literal>[IPv6Prefix]</literal> sections contain the IPv6
+ prefixes that are announced via Router Advertisements. See
+ <ulink url="https://tools.ietf.org/html/rfc4861">RFC 4861</ulink>
+ for further details.</para>
+
+ <variablelist class='network-directives'>
+
+ <varlistentry>
+ <term><varname>AddressAutoconfiguration=</varname></term>
+ <term><varname>OnLink=</varname></term>
+
+ <listitem><para>Boolean values to specify whether IPv6 addresses can be
+ autoconfigured with this prefix and whether the prefix can be used for
+ onlink determination. Both settings default to <literal>true</literal>
+ in order to ease configuration.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>Prefix=</varname></term>
+
+ <listitem><para>The IPv6 prefix that is to be distributed to hosts.
+ Similarly to configuring static IPv6 addresses, the setting is
+ configured as an IPv6 prefix and its prefix length, separated by a
+ <literal>/</literal> character. Use multiple
+ <literal>[IPv6Prefix]</literal> sections to configure multiple IPv6
+ prefixes since prefix lifetimes, address autoconfiguration and onlink
+ status may differ from one prefix to another.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>PreferredLifetimeSec=</varname></term>
+ <term><varname>ValidLifetimeSec=</varname></term>
+
+ <listitem><para>Preferred and valid lifetimes for the prefix measured in
+ seconds. <varname>PreferredLifetimeSec=</varname> defaults to 604800
+ seconds (one week) and <varname>ValidLifetimeSec=</varname> defaults
+ to 2592000 seconds (30 days).</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
<title>[Bridge] Section Options</title>
<para>The <literal>[Bridge]</literal> section accepts the
following keys.</para>
<term><varname>VLANId=</varname></term>
<listitem>
<para>The VLAN ID for the new static MAC table entry. If
- omitted, no VLAN ID info is appended to the new static MAC
+ omitted, no VLAN ID information is appended to the new static MAC
table entry.</para>
</listitem>
</varlistentry>
<title>Virtual Routing and Forwarding (VRF)</title>
<para>Add the <literal>bond1</literal> interface to the VRF master interface
<literal>vrf1</literal>. This will redirect routes generated on this interface to be
- within the routing table defined during VRF creation. Traffic won't be redirected
- towards the VRFs routing table unless specific ip-rules are added.</para>
+ within the routing table defined during VRF creation. For kernels before 4.8 traffic
+ won't be redirected towards the VRFs routing table unless specific ip-rules are added.
+ </para>
<programlisting># /etc/systemd/network/25-vrf.network
[Match]
Name=bond1
projects / thirdparty / systemd.git / blobdiff