</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>ProxyARP=</varname></term>
- <listitem><para>A boolean. Configures proxy ARP. Proxy ARP is the technique in which one host,
+ <term><varname>IPv4ProxyARP=</varname></term>
+ <listitem><para>A boolean. Configures proxy ARP for IPv4. Proxy ARP is the technique in which one host,
usually a router, answers ARP requests intended for another machine. By "faking" its identity,
the router accepts responsibility for routing packets to the "real" destination. (see <ulink
url="https://tools.ietf.org/html/rfc1027">RFC 1027</ulink>.
Defaults to unset.
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv6ProxyNDPAddress=</varname></term>
+ <listitem><para>An IPv6 address, for which Neighbour Advertisement
+ messages will be proxied.
+ Proxy NDP (Neighbor Discovery Protocol) is a technique for IPv6 to
+ allow routing of addresses to a different destination when peers expect them
+ to be present on a certain physical link.
+ In this case a router answers Neighbour Advertisement messages intended for
+ another machine by offering its own MAC address as destination.
+ Unlike proxy ARP for IPv4, is not enabled globally, but will only send Neighbour
+ Advertisement messages for addresses in the IPv6 neighbor proxy table,
+ which can also be shown by <command>ip -6 neighbour show proxy</command>
+ This option may be specified more than once. systemd-networkd will control the
+ per-interface `proxy_ndp` switch for each configured interface, depending on whether
+ there are <option>IPv6ProxyNDPAddress=</option> entries configured and add these to
+ the kernels IPv6 neighbor proxy table.
+ Defaults to unset.
+ </para></listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Bridge=</varname></term>
<listitem>
- <para>The name of the bridge to add the link to.</para>
+ <para>The name of the bridge to add the link to. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Bond=</varname></term>
<listitem>
- <para>The name of the bond to add the link to.</para>
+ <para>The name of the bond to add the link to. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VRF=</varname></term>
<listitem>
- <para>The name of the VRF to add the link to.</para>
+ <para>The name of the VRF to add the link to. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VLAN=</varname></term>
<listitem>
- <para>The name of a VLAN to create on the link. This
- option may be specified more than once.</para>
+ <para>The name of a VLAN to create on the link. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ This option may be specified more than once.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACVLAN=</varname></term>
<listitem>
- <para>The name of a MACVLAN to create on the link. This
- option may be specified more than once.</para>
+ <para>The name of a MACVLAN to create on the link. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ This option may be specified more than once.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VXLAN=</varname></term>
<listitem>
- <para>The name of a VXLAN to create on the link. This
- option may be specified more than once.</para>
+ <para>The name of a VXLAN to create on the link. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ This option may be specified more than once.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Tunnel=</varname></term>
<listitem>
- <para>The name of a Tunnel to create on the link. This
- option may be specified more than once.</para>
+ <para>The name of a Tunnel to create on the link. See
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ This option may be specified more than once.</para>
</listitem>
</varlistentry>
</variablelist>
</variablelist>
</refsect1>
+ <refsect1>
+ <title>[IPv6AddressLabel] Section Options</title>
+
+ <para>An <literal>[IPv6AddressLabel]</literal> section accepts the
+ following keys. Specify several <literal>[IPv6AddressLabel]</literal>
+ sections to configure several addresse labels. IPv6 address labels are
+ used for address selection. See <ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>.
+ Precedence is managed by userspace, and only the label itself is stored in the kernel</para>
+
+ <variablelist class='network-directives'>
+ <varlistentry>
+ <term><varname>Label=</varname></term>
+ <listitem>
+ <para> The label for the prefix (an unsigned integer) ranges 0 to 4294967294.
+ 0xffffffff is reserved. This key is mandatory.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Prefix=</varname></term>
+ <listitem>
+ <para>IPv6 prefix is an address with a prefix length, separated by a slash <literal>/</literal> character.
+ This key is mandatory. </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
<refsect1>
<title>[Route] Section Options</title>
<para>The <literal>[Route]</literal> section accepts the
<para>As in the <literal>[Network]</literal> section.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>GatewayOnlink=</varname></term>
+ <listitem>
+ <para>The <literal>GatewayOnlink</literal> option tells the kernel that it does not have
+ to check if the gateway is reachable directly by the current machine (i.e., the kernel does
+ not need to check if the gateway is attached to the local network), so that we can insert the
+ route in the kernel table without it being complained about. A boolean, defaults to <literal>no</literal>.
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Destination=</varname></term>
<listitem>
<para>The metric of the route (an unsigned integer).</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>IPv6Preference=</varname></term>
+ <listitem>
+ <para>Specifies the route preference as defined in <ulink
+ url="https://tools.ietf.org/html/rfc4191">RFC4191</ulink> for Router Discovery messages.
+ Which can be one of <literal>low</literal> the route has a lowest priority,
+ <literal>medium</literal> the route has a default priority or
+ <literal>high</literal> the route has a highest priority.</para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><varname>Scope=</varname></term>
<listitem>
<para>Sets the "cost" of sending packets of this interface.
Each port in a bridge may have a different speed and the cost
is used to decide which link to use. Faster interfaces
- should have lower costs.</para>
+ should have lower costs. It is an interger value between 1 and
+ 65535.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><varname>Priority=</varname></term>
+ <listitem>
+ <para>Sets the "priority" of sending packets on this interface.
+ Each port in a bridge may have a different priority which is used
+ to decide which link to use. Lower value means higher priority.
+ It is an interger value between 0 to 63. Networkd does not set any
+ default, meaning the kernel default value of 32 is used.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
- <title>Example</title>
+ <title>Examples</title>
<example>
- <title>/etc/systemd/network/50-static.network</title>
+ <title>Static network configuration</title>
- <programlisting>[Match]
+ <programlisting># /etc/systemd/network/50-static.network
+[Match]
Name=enp2s0
[Network]
Address=192.168.0.15/24
Gateway=192.168.0.1</programlisting>
+
+ <para>This brings interface <literal>enp2s0</literal> up with a static address. The
+ specified gateway will be used for a default route.</para>
</example>
<example>
- <title>/etc/systemd/network/80-dhcp.network</title>
+ <title>DHCP on ethernet links</title>
- <programlisting>[Match]
+ <programlisting># /etc/systemd/network/80-dhcp.network
+[Match]
Name=en*
[Network]
DHCP=yes</programlisting>
+
+ <para>This will enable DHCPv4 and DHCPv6 on all interfaces with names starting with
+ <literal>en</literal> (i.e. ethernet interfaces).</para>
</example>
<example>
- <title>/etc/systemd/network/25-bridge-static.network</title>
+ <title>A bridge with two enslaved links</title>
- <programlisting>[Match]
+ <programlisting># /etc/systemd/network/25-bridge-static.network
+[Match]
Name=bridge0
[Network]
Address=192.168.0.15/24
Gateway=192.168.0.1
DNS=192.168.0.1</programlisting>
- </example>
- <example>
- <title>/etc/systemd/network/25-bridge-slave-interface.network</title>
-
- <programlisting>[Match]
+ <programlisting># /etc/systemd/network/25-bridge-slave-interface-1.network
+[Match]
Name=enp2s0
[Network]
Bridge=bridge0</programlisting>
+
+ <programlisting># /etc/systemd/network/25-bridge-slave-interface-2.network
+[Match]
+Name=wlp3s0
+
+[Network]
+Bridge=bridge0</programlisting>
+
+ <para>This creates a bridge and attaches devices <literal>enp2s0</literal> and
+ <literal>wlp3s0</literal> to it. The bridge will have the specified static address
+ and network assigned, and a default route via the specified gateway will be
+ added. The specified DNS server will be added to the global list of DNS resolvers.
+ </para>
</example>
+
<example>
- <title>/etc/systemd/network/25-bridge-slave-interface-vlan.network</title>
+ <title></title>
- <programlisting>[Match]
+ <programlisting>
+# /etc/systemd/network/20-bridge-slave-interface-vlan.network
+[Match]
Name=enp2s0
[Network]
[BridgeVLAN]
EgressUntagged=300-400</programlisting>
+
+ <para>This overrides the configuration specified in the previous example for the
+ interface <literal>enp2s0</literal>, and enables VLAN on that bridge port. VLAN IDs
+ 1-32, 42, 100-400 will be allowed. Packets tagged with VLAN IDs 42, 300-400 will be
+ untagged when they leave on this interface. Untagged packets which arrive on this
+ interface will be assigned VLAN ID 42.</para>
</example>
+
<example>
- <title>/etc/systemd/network/25-ipip.network</title>
+ <title>Various tunnels</title>
- <programlisting>[Match]
-Name=em1
+ <programlisting>/etc/systemd/network/25-tunnels.network
+[Match]
+Name=ens1
[Network]
-Tunnel=ipip-tun</programlisting>
+Tunnel=ipip-tun
+Tunnel=sit-tun
+Tunnel=gre-tun
+Tunnel=vti-tun
+ </programlisting>
+
+ <programlisting>/etc/systemd/network/25-tunnel-ipip.netdev
+[NetDev]
+Name=ipip-tun
+Kind=ipip
+ </programlisting>
+
+ <programlisting>/etc/systemd/network/25-tunnel-sit.netdev
+[NetDev]
+Name=sit-tun
+Kind=sit
+ </programlisting>
+
+ <programlisting>/etc/systemd/network/25-tunnel-gre.netdev
+[NetDev]
+Name=gre-tun
+Kind=gre
+ </programlisting>
+
+ <programlisting>/etc/systemd/network/25-tunnel-vti.netdev
+[NetDev]
+Name=vti-tun
+Kind=vti
+ </programlisting>
+
+ <para>This will bring interface <literal>ens1</literal> up and create an IPIP tunnel,
+ a SIT tunnel, a GRE tunnel, and a VTI tunnel using it.</para>
</example>
<example>
- <title>/etc/systemd/network/25-sit.network</title>
+ <title>A bond device</title>
- <programlisting>[Match]
-Name=em1
+ <programlisting># /etc/systemd/network/30-bond1.network
+[Match]
+Name=bond1
[Network]
-Tunnel=sit-tun</programlisting>
- </example>
+DHCP=ipv6
+</programlisting>
- <example>
- <title>/etc/systemd/network/25-gre.network</title>
+ <programlisting># /etc/systemd/network/30-bond1.netdev
+[NetDev]
+Name=bond1
+Kind=bond
+</programlisting>
- <programlisting>[Match]
-Name=em1
+ <programlisting># /etc/systemd/network/30-bond1-dev1.network
+[Match]
+MACAddress=52:54:00:e9:64:41
[Network]
-Tunnel=gre-tun</programlisting>
- </example>
-
- <example>
- <title>/etc/systemd/network/25-vti.network</title>
+Bond=bond1
+</programlisting>
- <programlisting>[Match]
-Name=em1
+ <programlisting># /etc/systemd/network/30-bond1-dev2.network
+[Match]
+MACAddress=52:54:00:e9:64:42
[Network]
-Tunnel=vti-tun</programlisting>
+Bond=bond1
+</programlisting>
+
+ <para>This will create a bond device <literal>bond1</literal> and enslave the two
+ devices with MAC addresses 52:54:00:e9:64:41 and 52:54:00:e9:64:42 to it. IPv6 DHCP
+ will be used to acquire an address.</para>
</example>
<example>
- <title>/etc/systemd/network/25-bond.network</title>
-
- <programlisting>[Match]
+ <title>Virtual Routing and Forwarding (VRF)</title>
+ <para>Add the <literal>bond1</literal> interface to the VRF master interface
+ <literal>vrf1</literal>. This will redirect routes generated on this interface to be
+ within the routing table defined during VRF creation. Traffic won't be redirected
+ towards the VRFs routing table unless specific ip-rules are added.</para>
+ <programlisting># /etc/systemd/network/25-vrf.network
+[Match]
Name=bond1
[Network]
-DHCP=yes
+VRF=vrf1
</programlisting>
</example>
<example>
- <title>/etc/systemd/network/25-vrf.network</title>
- <para>Add the bond1 interface to the VRF master interface vrf-test. This will redirect routes generated on this interface to be within the routing table defined during VRF creation. Traffic won't be redirected towards the VRFs routing table unless specific ip-rules are added.</para>
- <programlisting>[Match]
-Name=bond1
+ <title>MacVTap</title>
+ <para>This brings up a network interface <literal>macvtap-test</literal>
+ and attaches it to <literal>enp0s25</literal>.</para>
+ <programlisting># /usr/lib/systemd/network/25-macvtap.network
+[Match]
+Name=enp0s25
[Network]
-VRF=vrf-test
+MACVTAP=macvtap-test
</programlisting>
</example>
-
</refsect1>
<refsect1>
projects / thirdparty / systemd.git / blobdiff