<filename>/run/systemd/network</filename> directories. Drop-in files in
<filename>/etc</filename> take precedence over those in <filename>/run</filename> which in turn
take precedence over those in <filename>/usr/lib</filename>. Drop-in files under any of these
- directories take precedence over the main netdev file wherever located.</para>
+ directories take precedence over the main network file wherever located.</para>
<para>Note that an interface without any static IPv6 addresses configured, and neither DHCPv6
nor IPv6LL enabled, shall be considered to have no IPv6 support. IPv6 will be automatically
<term><varname>MACAddress=</varname></term>
<listitem>
<para>A whitespace-separated list of hardware addresses. Use full colon-, hyphen- or dot-delimited hexadecimal. See the example below.
- This option may appear more than one, in which case the lists are merged. If the empty string is assigned to this option, the list
+ This option may appear more than once, in which case the lists are merged. If the empty string is assigned to this option, the list
of hardware addresses defined prior to this is reset.</para>
<para>Example:
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>WLANInterfaceType=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of wireless network type. Supported values are
+ <literal>ad-hoc</literal>, <literal>station</literal>, <literal>ap</literal>,
+ <literal>ap-vlan</literal>, <literal>wds</literal>, <literal>monitor</literal>,
+ <literal>mesh-point</literal>, <literal>p2p-client</literal>, <literal>p2p-go</literal>,
+ <literal>p2p-device</literal>, <literal>ocb</literal>, and <literal>nan</literal>. If the
+ list is prefixed with a "!", the test is inverted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>SSID=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of shell-style globs matching the SSID of the currently
+ connected wireless LAN. If the list is prefixed with a "!", the test is inverted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>BSSID=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of hardware address of the currently connected wireless
+ LAN. Use full colon-, hyphen- or dot-delimited hexadecimal. See the example in
+ <varname>MACAddress=</varname>. This option may appear more than one, in which case the
+ lists are merged. If the empty string is assigned to this option, the list of BSSID defined
+ prior to this is reset.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Host=</varname></term>
<listitem>
specified through DHCP is not used for name resolution.
See option <option>UseDomains=</option> below.</para>
- <para>See the <literal>[DHCP]</literal> section below for further configuration options for the DHCP client
- support.</para>
+ <para>See the <literal>[DHCPv4]</literal> or <literal>[DHCPv6]</literal> section below for
+ further configuration options for the DHCP client support.</para>
</listitem>
</varlistentry>
<varlistentry>
</varlistentry>
<varlistentry>
<term><varname>IPv6AcceptRA=</varname></term>
- <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the interface.
- If true, RAs are accepted; if false, RAs are ignored, independently of the local forwarding state.
- If unset, the kernel's default is used, and RAs are accepted only when local forwarding
- is disabled for that interface. When RAs are accepted, they may trigger the start of the DHCPv6 client if
- the relevant flags are set in the RA data, or if no routers are found on the link.</para>
+ <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support
+ for the interface. If true, RAs are accepted; if false, RAs are ignored, independently of the
+ local forwarding state. When RAs are accepted, they may trigger the start of the DHCPv6
+ client if the relevant flags are set in the RA data, or if no routers are found on the link.</para>
<para>Further settings for the IPv6 RA support may be configured in the
<literal>[IPv6AcceptRA]</literal> section, see below.</para>
documentation regarding <literal>accept_ra</literal>, but note that systemd's setting of
<constant>1</constant> (i.e. true) corresponds to kernel's setting of <constant>2</constant>.</para>
- <para>Note that if this option is enabled a userspace implementation of the IPv6 RA protocol is
- used, and the kernel's own implementation remains disabled, since `networkd` needs to know all
- details supplied in the advertisements, and these are not available from the kernel if the kernel's
- own implementation is used.</para>
+ <para>Note that kernel's implementation of the IPv6 RA protocol is always disabled,
+ regardless of this setting. If this option is enabled, a userspace implementation of the IPv6
+ RA protocol is used, and the kernel's own implementation remains disabled, since
+ <command>systemd-networkd</command> needs to know all details supplied in the advertisements,
+ and these are not available from the kernel if the kernel's own implementation is used.</para>
</listitem>
</varlistentry>
<varlistentry>
lease expires. This is contrary to the DHCP specification, but may be the best choice if,
e.g., the root filesystem relies on this connection. The setting <literal>dhcp</literal>
implies <literal>dhcp-on-stop</literal>, and <literal>yes</literal> implies
- <literal>dhcp</literal> and <literal>static</literal>. Defaults to
- <literal>dhcp-on-stop</literal>.</para>
+ <literal>dhcp</literal> and <literal>static</literal>. Defaults to <literal>no</literal>.
+ </para>
</listitem>
</varlistentry>
</listitem>
</varlistentry>
<varlistentry>
- <term><varname>MACAddress=</varname></term>
+ <term><varname>LinkLayerAddress=</varname></term>
<listitem>
- <para>The hardware address of the neighbor.</para>
+ <para>The link layer address (MAC address or IP address) of the neighbor.</para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term><varname>Table=</varname></term>
<listitem>
- <para>Specifies the routing table identifier to lookup if the rule
- selector matches. The table identifier for a route (a number between 1 and 4294967295).</para>
+ <para>Specifies the routing table identifier to lookup if the rule selector matches. Takes
+ one of <literal>default</literal>, <literal>main</literal>, and <literal>local</literal>,
+ or a number between 1 and 4294967295. Defaults to <literal>main</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<para>A boolean. Specifies whether the rule to be inverted. Defaults to false.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>Family=</varname></term>
+ <listitem>
+ <para>Takes a special value <literal>ipv4</literal>, <literal>ipv6</literal>, or
+ <literal>both</literal>. By default, the address family is determined by the address
+ specified in <varname>To=</varname> or <varname>From=</varname>. If neither
+ <varname>To=</varname> nor <varname>From=</varname> are specified, then defaults to
+ <literal>ipv4</literal>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>[NextHop] Section Options</title>
+ <para>The <literal>[NextHop]</literal> section accepts the
+ following keys. Specify several <literal>[NextHop]</literal>
+ sections to configure several nexthop. Nexthop is used to manipulate entries in the kernel's nexthop
+ tables.</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>Gateway=</varname></term>
+ <listitem>
+ <para>As in the <literal>[Network]</literal> section. This is mandatory.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Id=</varname></term>
+ <listitem>
+ <para>The id of the nexthop (an unsigned integer). If unspecified or '0' then automatically chosen by kernel.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<term><varname>Protocol=</varname></term>
<listitem>
<para>The protocol identifier for the route. Takes a number between 0 and 255 or the special values
- <literal>kernel</literal>, <literal>boot</literal> and <literal>static</literal>. Defaults to
- <literal>static</literal>.
+ <literal>kernel</literal>, <literal>boot</literal>, <literal>static</literal>,
+ <literal>ra</literal> and <literal>dhcp</literal>. Defaults to <literal>static</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Type=</varname></term>
<listitem>
- <para>Specifies the type for the route. If <literal>unicast</literal>, a regular route is defined, i.e. a
+ <para>Specifies the type for the route. Takes one of <literal>unicast</literal>,
+ <literal>local</literal>, <literal>broadcast</literal>, <literal>anycast</literal>,
+ <literal>multicast</literal>, <literal>blackhole</literal>, <literal>unreachable</literal>,
+ <literal>prohibit</literal>, <literal>throw</literal>, <literal>nat</literal>, and
+ <literal>xresolve</literal>. If <literal>unicast</literal>, a regular route is defined, i.e. a
route indicating the path to take to a destination network address. If <literal>blackhole</literal>, packets
to the defined route are discarded silently. If <literal>unreachable</literal>, packets to the defined route
are discarded and the ICMP message "Host Unreachable" is generated. If <literal>prohibit</literal>, packets
<para>Note that if IPv6 is enabled on the interface, and the MTU is chosen
below 1280 (the minimum MTU for IPv6) it will automatically be increased to this value.</para>
</listitem>
- </varlistentry>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>IPServiceType=</varname></term>
+ <listitem>
+ <para>Takes string; "CS6" or "CS4". Used to set IP service type to CS6 (network control)
+ or CS4 (Realtime). IPServiceType defaults to CS6 if nothing is specified.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<refsect1>
- <title>[DHCP] Section Options</title>
- <para>The <literal>[DHCP]</literal> section configures the
- DHCPv4 and DHCP6 client, if it is enabled with the
+ <title>[DHCPv4] Section Options</title>
+ <para>The <literal>[DHCPv4]</literal> section configures the
+ DHCPv4 client, if it is enabled with the
<varname>DHCP=</varname> setting described above:</para>
<variablelist class='network-directives'>
project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>RoutesToDNS=</varname></term>
+ <listitem>
+ <para>When true, the routes to the DNS servers received from the DHCP server will be
+ configured. When <varname>UseDNS=</varname> is disabled, this setting is ignored.
+ Defaults to false.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>UseNTP=</varname></term>
<listitem>
and take precedence over any statically configured ones.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>UseSIP=</varname></term>
+ <listitem>
+ <para>When true (the default), the SIP servers received
+ from the DHCP server will be saved at the state files and can be
+ read via <function>sd_network_link_get_sip_servers()</function> function.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>UseMTU=</varname></term>
<listitem>
<term><varname>SendRelease=</varname></term>
<listitem>
<para>When true, the DHCPv4 client sends a DHCP release packet when it stops.
- Defaults to false.</para>
+ Defaults to true.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>BlackList=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of IPv4 addresses. DHCP offers from servers in the list are rejected.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>RequestOptions=</varname></term>
+ <listitem>
+ <para>A whitespace-separated list of integers in the range 1–254.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>SendOption=</varname></term>
+ <listitem>
+ <para>Send an arbitrary option in the DHCPv4 request. Takes a DHCP option number and an arbitrary
+ data string separated with a colon
+ (<literal><replaceable>option</replaceable>:<replaceable>value</replaceable></literal>). The
+ option number must be an interger in the range 1..254. Special characters in the data string may
+ be escaped using
+ <ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
+ escapes</ulink>. This option can be specified multiple times. If an empty string is specified,
+ then all options specified earlier are cleared. Defaults to unset.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>[DHCPv6] Section Options</title>
+ <para>The <literal>[DHCPv6]</literal> section configures the DHCPv6 client, if it is enabled with the
+ <varname>DHCP=</varname> setting described above, or invoked by the IPv6 Router Advertisement:</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>UseDNS=</varname></term>
+ <term><varname>UseNTP=</varname></term>
+ <listitem>
+ <para>As in the <literal>[DHCPv4]</literal> section.</para>
</listitem>
</varlistentry>
</varlistentry>
<varlistentry>
- <term><varname>BlackList=</varname></term>
+ <term><varname>PrefixDelegationHint=</varname></term>
<listitem>
- <para>A whitespace-separated list of IPv4 addresses. DHCP offers from servers in the list are rejected.</para>
+ <para>Takes an IPv6 address with prefix length as <varname>Addresss=</varname> in
+ the "[Network]" section. Specifies the DHCPv6 client for the requesting router to include
+ a prefix-hint in the DHCPv6 solicitation. Prefix ranges 1-128. Defaults to unset.</para>
</listitem>
</varlistentry>
-
</variablelist>
- </refsect1>
+ </refsect1>
<refsect1>
<title>[IPv6AcceptRA] Section Options</title>
<varname>DNS=</varname>.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>EmitSIP=</varname></term>
+ <term><varname>SIP=</varname></term>
+
+ <listitem><para>Similar to the <varname>EmitDNS=</varname> and
+ <varname>DNS=</varname> settings described above, these
+ settings configure whether and what SIP server information
+ shall be emitted as part of the DHCP lease. The same syntax,
+ propagation semantics and defaults apply as for
+ <varname>EmitDNS=</varname> and
+ <varname>DNS=</varname>.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>EmitRouter=</varname></term>
</variablelist>
</refsect1>
- <refsect1>
+ <refsect1>
<title>[IPv6Prefix] Section Options</title>
<para>One or more <literal>[IPv6Prefix]</literal> sections contain the IPv6
prefixes that are announced via Router Advertisements. See
</variablelist>
</refsect1>
+ <refsect1>
+ <title>[IPv6RoutePrefix] Section Options</title>
+ <para>One or more <literal>[IPv6RoutePrefix]</literal> sections contain the IPv6
+ prefix routes that are announced via Router Advertisements. See
+ <ulink url="https://tools.ietf.org/html/rfc4191">RFC 4191</ulink>
+ for further details.</para>
+
+ <variablelist class='network-directives'>
+
+ <varlistentry>
+ <term><varname>Route=</varname></term>
+
+ <listitem><para>The IPv6 route that is to be distributed to hosts.
+ Similarly to configuring static IPv6 routes, the setting is
+ configured as an IPv6 prefix routes and its prefix route length,
+ separated by a<literal>/</literal> character. Use multiple
+ <literal>[IPv6PrefixRoutes]</literal> sections to configure multiple IPv6
+ prefix routes.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>LifetimeSec=</varname></term>
+
+ <listitem><para>Lifetime for the route prefix measured in
+ seconds. <varname>LifetimeSec=</varname> defaults to 604800 seconds (one week).
+ </para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
<refsect1>
<title>[Bridge] Section Options</title>
<para>The <literal>[Bridge]</literal> section accepts the
</variablelist>
</refsect1>
+ <refsect1>
+ <title>[TrafficControlQueueingDiscipline] Section Options</title>
+ <para>The <literal>[TrafficControlQueueingDiscipline]</literal> section manages the Traffic control. It can be used
+ to configure the kernel packet scheduler and simulate packet delay and loss for UDP or TCP applications,
+ or limit the bandwidth usage of a particular service to simulate internet connections.</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>Parent=</varname></term>
+ <listitem>
+ <para>Specifies the parent Queueing Discipline (qdisc). Takes one of <literal>root</literal>
+ or <literal>clsact</literal>. Defaults to <literal>root</literal>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>NetworkEmulatorDelaySec=</varname></term>
+ <listitem>
+ <para>Specifies the fixed amount of delay to be added to all packets going out of the
+ interface. Defaults to unset.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>NetworkEmulatorDelayJitterSec=</varname></term>
+ <listitem>
+ <para>Specifies the chosen delay to be added to the packets outgoing to the network
+ interface. Defaults to unset.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>NetworkEmulatorPacketLimit=</varname></term>
+ <listitem>
+ <para>Specifies the maximum number of packets the qdisc may hold queued at a time.
+ An unsigned integer ranges 0 to 4294967294. Defaults to 1000.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>NetworkEmulatorLossRate=</varname></term>
+ <listitem>
+ <para>Specifies an independent loss probability to be added to the packets outgoing from the
+ network interface. Takes a percentage value, suffixed with "%". Defaults to unset.</para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
<refsect1>
<title>[BridgeVLAN] Section Options</title>
<para>The <literal>[BridgeVLAN]</literal> section manages the VLAN ID configuration of a bridge port and accepts
<literal>en</literal> (i.e. ethernet interfaces).</para>
</example>
+ <example>
+ <title>IPv6 Prefix Delegation</title>
+
+ <programlisting># /etc/systemd/network/55-ipv6-pd-upstream.network
+[Match]
+Name=enp1s0
+
+[Network]
+DHCP=ipv6</programlisting>
+
+ <programlisting># /etc/systemd/network/56-ipv6-pd-downstream.network
+[Match]
+Name=enp2s0
+
+[Network]
+IPv6PrefixDelegation=dhcpv6</programlisting>
+
+ <para>This will enable IPv6 PD on the interface enp1s0 as an upstream interface where the
+ DHCPv6 client is running and enp2s0 as a downstream interface where the prefix is delegated to.</para>
+ </example>
+
<example>
<title>A bridge with two enslaved links</title>
projects / thirdparty / systemd.git / blobdiff