diff options
Diffstat (limited to 'man/systemd.network.xml')
| -rw-r--r-- | man/systemd.network.xml | 105 |
1 files changed, 83 insertions, 22 deletions
diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 485876b6ac..54fef4c9c4 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -1,6 +1,9 @@ <?xml version='1.0'?> <!--*-nxml-*--> <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ +<!ENTITY % entities SYSTEM "custom-entities.ent" > +%entities; +]> <!-- This file is part of systemd. @@ -64,20 +67,20 @@ <para>The <filename>.network</filename> files are read from the files located in the system network directory - <filename>/usr/lib/systemd/network</filename>, the volatile + <filename>&rootlibexecdir;/network</filename>, the volatile runtime network directory <filename>/run/systemd/network</filename> and the local administration network directory - <filename>/etc/systemd/network</filename>. All configuration files + <filename>&pkgsysconfdir;/network</filename>. All configuration files are collectively sorted and processed in lexical order, regardless of the directories in which they live. However, files with identical filenames replace each other. Files in <filename>/etc</filename> have the highest priority, files in <filename>/run</filename> take precedence over files with the same - name in <filename>/usr/lib</filename>. This can be used to + name in <filename>&rootprefix;/lib</filename>. This can be used to override a system-supplied configuration file with a local file if needed; a symlink in <filename>/etc</filename> with the same name - as a configuration file in <filename>/usr/lib</filename>, pointing + as a configuration file in <filename>&rootprefix;/lib</filename>, pointing to <filename>/dev/null</filename>, disables the configuration file entirely.</para> @@ -91,7 +94,8 @@ to a given device; and a <literal>[Network]</literal> section specifying how the device should be configured. The first (in lexical order) of the network files that matches a given device - is applied.</para> + is applied, all later files are ignored, even if they match as + well.</para> <para>A network file is said to match a device if each of the entries in the <literal>[Match]</literal> section matches, or if @@ -227,6 +231,10 @@ <para>Enables DHCPv4 and/or DHCPv6 support. Accepts <literal>yes</literal>, <literal>no</literal>, <literal>ipv4</literal>, or <literal>ipv6</literal>.</para> + + <para>Please note that by default the domain name + specified through DHCP is not used for name resolution. + See option <option>UseDomains=</option> below.</para> </listitem> </varlistentry> <varlistentry> @@ -280,13 +288,24 @@ </listitem> </varlistentry> <varlistentry> + <term><varname>BindCarrier=</varname></term> + <listitem> + <para>A port or a list of ports. When set, controls the + behaviour of the current interface. When all ports in the list + are in an operational down state, the current interface is brought + down. When at least one port has carrier, the current interface + is brought up. + </para> + </listitem> + </varlistentry> + <varlistentry> <term><varname>Address=</varname></term> <listitem> <para>A static IPv4 or IPv6 address and its prefix length, separated by a <literal>/</literal> character. Specify this key more than once to configure several addresses. The format of the address must be as described in - <citerefentry><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. + <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This is a short-hand for an [Address] section only containing an Address key (see below). This option may be specified more than once. @@ -312,7 +331,7 @@ <listitem> <para>The gateway address, which must be in the format described in - <citerefentry><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. + <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This is a short-hand for a [Route] section only containing a Gateway key. This option may be specified more than once.</para> @@ -323,7 +342,7 @@ <listitem> <para>A DNS server address, which must be in the format described in - <citerefentry><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. + <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This option may be specified more than once.</para> </listitem> </varlistentry> @@ -347,7 +366,23 @@ the routing table. Takes either a boolean argument, or the values <literal>ipv4</literal> or <literal>ipv6</literal>, which only enables IP forwarding for the specified address - family.</para></listitem> + family, or <literal>kernel</literal>, which preserves existing sysctl settings. + This controls the + <filename>net.ipv4.conf.<interface>.forwarding</filename> + and + <filename>net.ipv6.conf.<interface>.forwarding</filename> + sysctl options of the network interface (see <ulink + url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt</ulink> + for details about sysctl options). Defaults to + <literal>no</literal>.</para> + + <para>Note: unless this option is turned on, or set to <literal>kernel</literal>, + no IP forwarding is done on this interface, even if this is + globally turned on in the kernel, with the + <filename>net.ipv4.ip_forward</filename> and + <filename>net.ipv4.ip_forward</filename> sysctl + options.</para> + </listitem> </varlistentry> <varlistentry> <term><varname>IPMasquerade=</varname></term> @@ -355,7 +390,8 @@ interface. If enabled packets forwarded from the network interface will be appear as coming from the local host. Takes a boolean argument. Implies - <varname>IPForward=yes</varname>.</para></listitem> + <varname>IPForward=ipv4</varname>. Defaults to + <literal>no</literal>.</para></listitem> </varlistentry> <varlistentry> <term><varname>Bridge=</varname></term> @@ -429,7 +465,7 @@ <listitem> <para>The broadcast address, which must be in the format described in - <citerefentry><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. + <citerefentry project='man-pages'><refentrytitle>inet_pton</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This key only applies to IPv4 addresses. If it is not given, it is derived from the <literal>Address</literal> key.</para> @@ -501,6 +537,17 @@ <para>When true (the default), the DNS servers received from the DHCP server will be used and take precedence over any statically configured ones.</para> + + <para>This corresponds to the <option>nameserver</option> + option in <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>UseNTP=</varname></term> + <listitem> + <para>When true (the default), the NTP servers received + from the DHCP server will be used by systemd-timesyncd + and take precedence over any statically configured ones.</para> </listitem> </varlistentry> <varlistentry> @@ -531,7 +578,13 @@ <listitem> <para>When true (not the default), the domain name received from the DHCP server will be used for DNS - resolution over this link.</para> + resolution over this link. When a name cannot be resolved + as specified, the domain name will be used a suffix and + name resolution of that will be attempted.</para> + + <para>This corresponds to the <option>domain</option> + option in <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> + and should not be enabled on untrusted networks.</para> </listitem> </varlistentry> <varlistentry> @@ -553,6 +606,14 @@ </listitem> </varlistentry> <varlistentry> + <term><varname>ClientIdentifier=</varname></term> + <listitem> + <para>DHCP client identifier to use. Either <literal>mac</literal> + to use the MAC address of the link or <literal>duid</literal> + (the default) to use a RFC4361-compliant Client ID.</para> + </listitem> + </varlistentry> + <varlistentry> <term><varname>VendorClassIdentifier=</varname></term> <listitem> <para>The vendor class identifier used to identify vendor @@ -626,7 +687,7 @@ <refsect1> <title>Example</title> <example> - <title>/etc/systemd/network/50-static.network</title> + <title>&pkgsysconfdir;/network/50-static.network</title> <programlisting>[Match] Name=enp2s0 @@ -637,17 +698,17 @@ Gateway=192.168.0.1</programlisting> </example> <example> - <title>/etc/systemd/network/80-dhcp.network</title> + <title>&pkgsysconfdir;/network/80-dhcp.network</title> <programlisting>[Match] Name=en* [Network] -DHCP=both</programlisting> +DHCP=yes</programlisting> </example> <example> - <title>/etc/systemd/network/bridge-static.network</title> + <title>&pkgsysconfdir;/network/bridge-static.network</title> <programlisting>[Match] Name=bridge0 @@ -659,7 +720,7 @@ DNS=192.168.0.1</programlisting> </example> <example> - <title>/etc/systemd/network/bridge-slave-interface.network</title> + <title>&pkgsysconfdir;/network/bridge-slave-interface.network</title> <programlisting>[Match] Name=enp2s0 @@ -668,7 +729,7 @@ Name=enp2s0 Bridge=bridge0</programlisting> </example> <example> - <title>/etc/systemd/network/ipip.network</title> + <title>&pkgsysconfdir;/network/ipip.network</title> <programlisting>[Match] Name=em1 @@ -678,7 +739,7 @@ Tunnel=ipip-tun</programlisting> </example> <example> - <title>/etc/systemd/network/sit.network</title> + <title>&pkgsysconfdir;/network/sit.network</title> <programlisting>[Match] Name=em1 @@ -688,7 +749,7 @@ Tunnel=sit-tun</programlisting> </example> <example> - <title>/etc/systemd/network/gre.network</title> + <title>&pkgsysconfdir;/network/gre.network</title> <programlisting>[Match] Name=em1 @@ -698,7 +759,7 @@ Tunnel=gre-tun</programlisting> </example> <example> - <title>/etc/systemd/network/vti.network</title> + <title>&pkgsysconfdir;/network/vti.network</title> <programlisting>[Match] Name=em1 |