diff options
| author | Martin Pitt <mpitt@debian.org> | 2017-03-02 10:44:39 +0100 |
|---|---|---|
| committer | Martin Pitt <mpitt@debian.org> | 2017-03-02 10:44:39 +0100 |
| commit | 2897b343851c95927e26f45bea8c40da605dbed1 (patch) | |
| tree | c15ec2f4b562d39a818acc5d65ae58944791dba9 /man/systemd.network.xml | |
| parent | 8a584da2774aca0b14c8aacef574e93d943d470e (diff) | |
| download | systemd-2897b343851c95927e26f45bea8c40da605dbed1.tar.gz | |
New upstream version 233
Diffstat (limited to 'man/systemd.network.xml')
| -rw-r--r-- | man/systemd.network.xml | 252 |
1 files changed, 190 insertions, 62 deletions
diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 2fb4907634..b807ebf29b 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -123,7 +123,10 @@ <listitem> <para>A whitespace-separated list of shell-style globs matching the persistent path, as exposed by the udev - property <literal>ID_PATH</literal>.</para> + property <literal>ID_PATH</literal>. If the list is + prefixed with a "!", the test is inverted; i.e. it is + true when <literal>ID_PATH</literal> does not match any + item in the list.</para> </listitem> </varlistentry> <varlistentry> @@ -134,7 +137,8 @@ exposed by the udev property <literal>DRIVER</literal> of its parent device, or if that is not set the driver as exposed by <literal>ethtool -i</literal> of the - device itself.</para> + device itself. If the list is prefixed with a "!", the + test is inverted.</para> </listitem> </varlistentry> <varlistentry> @@ -142,7 +146,8 @@ <listitem> <para>A whitespace-separated list of shell-style globs matching the device type, as exposed by the udev property - <literal>DEVTYPE</literal>.</para> + <literal>DEVTYPE</literal>. If the list is prefixed with + a "!", the test is inverted.</para> </listitem> </varlistentry> <varlistentry> @@ -150,7 +155,8 @@ <listitem> <para>A whitespace-separated list of shell-style globs matching the device name, as exposed by the udev property - <literal>INTERFACE</literal>.</para> + <literal>INTERFACE</literal>. If the list is prefixed + with a "!", the test is inverted.</para> </listitem> </varlistentry> <varlistentry> @@ -232,6 +238,18 @@ the network otherwise.</para> </listitem> </varlistentry> + <varlistentry> + <term><varname>Unmanaged=</varname></term> + <listitem> + <para>A boolean. When <literal>yes</literal>, no attempts are + made to bring up or configure matching links, equivalent to + when there are no matching network files. Defaults to + <literal>no</literal>.</para> + <para>This is useful for preventing later matching network + files from interfering with certain interfaces that are fully + controlled by other applications.</para> + </listitem> + </varlistentry> </variablelist> </refsect1> @@ -585,8 +603,8 @@ </para></listitem> </varlistentry> <varlistentry> - <term><varname>ProxyARP=</varname></term> - <listitem><para>A boolean. Configures proxy ARP. Proxy ARP is the technique in which one host, + <term><varname>IPv4ProxyARP=</varname></term> + <listitem><para>A boolean. Configures proxy ARP for IPv4. Proxy ARP is the technique in which one host, usually a router, answers ARP requests intended for another machine. By "faking" its identity, the router accepts responsibility for routing packets to the "real" destination. (see <ulink url="https://tools.ietf.org/html/rfc1027">RFC 1027</ulink>. @@ -594,49 +612,78 @@ </para></listitem> </varlistentry> <varlistentry> + <term><varname>IPv6ProxyNDPAddress=</varname></term> + <listitem><para>An IPv6 address, for which Neighbour Advertisement + messages will be proxied. + Proxy NDP (Neighbor Discovery Protocol) is a technique for IPv6 to + allow routing of addresses to a different destination when peers expect them + to be present on a certain physical link. + In this case a router answers Neighbour Advertisement messages intended for + another machine by offering its own MAC address as destination. + Unlike proxy ARP for IPv4, is not enabled globally, but will only send Neighbour + Advertisement messages for addresses in the IPv6 neighbor proxy table, + which can also be shown by <command>ip -6 neighbour show proxy</command> + This option may be specified more than once. systemd-networkd will control the + per-interface `proxy_ndp` switch for each configured interface, depending on whether + there are <option>IPv6ProxyNDPAddress=</option> entries configured and add these to + the kernels IPv6 neighbor proxy table. + Defaults to unset. + </para></listitem> + </varlistentry> + <varlistentry> <term><varname>Bridge=</varname></term> <listitem> - <para>The name of the bridge to add the link to.</para> + <para>The name of the bridge to add the link to. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> </listitem> </varlistentry> <varlistentry> <term><varname>Bond=</varname></term> <listitem> - <para>The name of the bond to add the link to.</para> + <para>The name of the bond to add the link to. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> </listitem> </varlistentry> <varlistentry> <term><varname>VRF=</varname></term> <listitem> - <para>The name of the VRF to add the link to.</para> + <para>The name of the VRF to add the link to. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> </listitem> </varlistentry> <varlistentry> <term><varname>VLAN=</varname></term> <listitem> - <para>The name of a VLAN to create on the link. This - option may be specified more than once.</para> + <para>The name of a VLAN to create on the link. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + This option may be specified more than once.</para> </listitem> </varlistentry> <varlistentry> <term><varname>MACVLAN=</varname></term> <listitem> - <para>The name of a MACVLAN to create on the link. This - option may be specified more than once.</para> + <para>The name of a MACVLAN to create on the link. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + This option may be specified more than once.</para> </listitem> </varlistentry> <varlistentry> <term><varname>VXLAN=</varname></term> <listitem> - <para>The name of a VXLAN to create on the link. This - option may be specified more than once.</para> + <para>The name of a VXLAN to create on the link. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + This option may be specified more than once.</para> </listitem> </varlistentry> <varlistentry> <term><varname>Tunnel=</varname></term> <listitem> - <para>The name of a Tunnel to create on the link. This - option may be specified more than once.</para> + <para>The name of a Tunnel to create on the link. See + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + This option may be specified more than once.</para> </listitem> </varlistentry> </variablelist> @@ -984,6 +1031,13 @@ </para> </listitem> </varlistentry> + + <varlistentry> + <term><varname>ListenPort=</varname></term> + <listitem> + <para>Allow setting custom port for the DHCP client to listen on.</para> + </listitem> + </varlistentry> </variablelist> </refsect1> @@ -1268,53 +1322,75 @@ </refsect1> <refsect1> - <title>Example</title> + <title>Examples</title> <example> - <title>/etc/systemd/network/50-static.network</title> + <title>Static network configuration</title> - <programlisting>[Match] + <programlisting># /etc/systemd/network/50-static.network +[Match] Name=enp2s0 [Network] Address=192.168.0.15/24 Gateway=192.168.0.1</programlisting> + + <para>This brings interface <literal>enp2s0</literal> up with a static address. The + specified gateway will be used for a default route.</para> </example> <example> - <title>/etc/systemd/network/80-dhcp.network</title> + <title>DHCP on ethernet links</title> - <programlisting>[Match] + <programlisting># /etc/systemd/network/80-dhcp.network +[Match] Name=en* [Network] DHCP=yes</programlisting> + + <para>This will enable DHCPv4 and DHCPv6 on all interfaces with names starting with + <literal>en</literal> (i.e. ethernet interfaces).</para> </example> <example> - <title>/etc/systemd/network/25-bridge-static.network</title> + <title>A bridge with two enslaved links</title> - <programlisting>[Match] + <programlisting># /etc/systemd/network/25-bridge-static.network +[Match] Name=bridge0 [Network] Address=192.168.0.15/24 Gateway=192.168.0.1 DNS=192.168.0.1</programlisting> - </example> - <example> - <title>/etc/systemd/network/25-bridge-slave-interface.network</title> - - <programlisting>[Match] + <programlisting># /etc/systemd/network/25-bridge-slave-interface-1.network +[Match] Name=enp2s0 [Network] Bridge=bridge0</programlisting> + + <programlisting># /etc/systemd/network/25-bridge-slave-interface-2.network +[Match] +Name=wlp3s0 + +[Network] +Bridge=bridge0</programlisting> + + <para>This creates a bridge and attaches devices <literal>enp2s0</literal> and + <literal>wlp3s0</literal> to it. The bridge will have the specified static address + and network assigned, and a default route via the specified gateway will be + added. The specified DNS server will be added to the global list of DNS resolvers. + </para> </example> + <example> - <title>/etc/systemd/network/25-bridge-slave-interface-vlan.network</title> + <title></title> - <programlisting>[Match] + <programlisting> +# /etc/systemd/network/20-bridge-slave-interface-vlan.network +[Match] Name=enp2s0 [Network] @@ -1330,69 +1406,121 @@ VLAN=100-200 [BridgeVLAN] EgressUntagged=300-400</programlisting> + + <para>This overrides the configuration specified in the previous example for the + interface <literal>enp2s0</literal>, and enables VLAN on that bridge port. VLAN IDs + 1-32, 42, 100-400 will be allowed. Packets tagged with VLAN IDs 42, 300-400 will be + untagged when they leave on this interface. Untagged packets which arrive on this + interface will be assigned VLAN ID 42.</para> </example> + <example> - <title>/etc/systemd/network/25-ipip.network</title> + <title>Various tunnels</title> - <programlisting>[Match] -Name=em1 + <programlisting>/etc/systemd/network/25-tunnels.network +[Match] +Name=ens1 [Network] -Tunnel=ipip-tun</programlisting> +Tunnel=ipip-tun +Tunnel=sit-tun +Tunnel=gre-tun +Tunnel=vti-tun + </programlisting> + + <programlisting>/etc/systemd/network/25-tunnel-ipip.netdev +[NetDev] +Name=ipip-tun +Kind=ipip + </programlisting> + + <programlisting>/etc/systemd/network/25-tunnel-sit.netdev +[NetDev] +Name=sit-tun +Kind=sit + </programlisting> + + <programlisting>/etc/systemd/network/25-tunnel-gre.netdev +[NetDev] +Name=gre-tun +Kind=gre + </programlisting> + + <programlisting>/etc/systemd/network/25-tunnel-vti.netdev +[NetDev] +Name=vti-tun +Kind=vti + </programlisting> + + <para>This will bring interface <literal>ens1</literal> up and create an IPIP tunnel, + a SIT tunnel, a GRE tunnel, and a VTI tunnel using it.</para> </example> <example> - <title>/etc/systemd/network/25-sit.network</title> + <title>A bond device</title> - <programlisting>[Match] -Name=em1 + <programlisting># /etc/systemd/network/30-bond1.network +[Match] +Name=bond1 [Network] -Tunnel=sit-tun</programlisting> - </example> +DHCP=ipv6 +</programlisting> - <example> - <title>/etc/systemd/network/25-gre.network</title> + <programlisting># /etc/systemd/network/30-bond1.netdev +[NetDev] +Name=bond1 +Kind=bond +</programlisting> - <programlisting>[Match] -Name=em1 + <programlisting># /etc/systemd/network/30-bond1-dev1.network +[Match] +MACAddress=52:54:00:e9:64:41 [Network] -Tunnel=gre-tun</programlisting> - </example> - - <example> - <title>/etc/systemd/network/25-vti.network</title> +Bond=bond1 +</programlisting> - <programlisting>[Match] -Name=em1 + <programlisting># /etc/systemd/network/30-bond1-dev2.network +[Match] +MACAddress=52:54:00:e9:64:42 [Network] -Tunnel=vti-tun</programlisting> +Bond=bond1 +</programlisting> + + <para>This will create a bond device <literal>bond1</literal> and enslave the two + devices with MAC addresses 52:54:00:e9:64:41 and 52:54:00:e9:64:42 to it. IPv6 DHCP + will be used to acquire an address.</para> </example> <example> - <title>/etc/systemd/network/25-bond.network</title> - - <programlisting>[Match] + <title>Virtual Routing and Forwarding (VRF)</title> + <para>Add the <literal>bond1</literal> interface to the VRF master interface + <literal>vrf1</literal>. This will redirect routes generated on this interface to be + within the routing table defined during VRF creation. Traffic won't be redirected + towards the VRFs routing table unless specific ip-rules are added.</para> + <programlisting># /etc/systemd/network/25-vrf.network +[Match] Name=bond1 [Network] -DHCP=yes +VRF=vrf1 </programlisting> </example> <example> - <title>/etc/systemd/network/25-vrf.network</title> - <para>Add the bond1 interface to the VRF master interface vrf-test. This will redirect routes generated on this interface to be within the routing table defined during VRF creation. Traffic won't be redirected towards the VRFs routing table unless specific ip-rules are added.</para> - <programlisting>[Match] -Name=bond1 + <title>MacVTap</title> + <para>This brings up a network interface <literal>macvtap-test</literal> + and attaches it to <literal>enp0s25</literal>.</para> + <programlisting># /lib/systemd/network/25-macvtap.network +[Match] +Name=enp0s25 [Network] -VRF=vrf-test +MACVTAP=macvtap-test </programlisting> </example> - </refsect1> <refsect1> |