systemd.network systemd Developer Tom Gundersen teg@jklm.no systemd.netdev 5 systemd.netdev Virtual Network Device configuration netdev.netdev Description Network setup is performed by systemd-networkd8. Virtual Network Device files must have the extension .netdev; other extensions are ignored. Virtual network devices are created as soon as networkd is started. The .netdev files are read from the files located in the system network directory /usr/lib/systemd/network, the volatile runtime network directory /run/systemd/network and the local administration network directory /etc/systemd/network. All configuration files are collectively sorted and processed in lexical order, regardless of the directories in which they live. However, files with identical filenames replace each other. Files in /etc have the highest priority, files in /run take precedence over files with the same name in /usr/lib. This can be used to override a system-supplied configuration file with a local file if needed; a symlink in /etc with the same name as a configuration file in /usr/lib, pointing to /dev/null, disables the configuration file entirely. [Match] Section Options A virtual network device is only created if the [Match] section matches the current environment, or if the section is empty. The following keys are accepted: Host= Matches against the hostname or machine ID of the host. See ConditionHost= in systemd.unit5 for details. Virtualization= Checks whether the system is executed in a virtualized environment and optionally test whether it is a specific implementation. See ConditionVirtualization= in systemd.unit5 for details. KernelCommandLine= Checks whether a specific kernel command line option is set (or if prefixed with the exclamation mark unset). See ConditionKernelCommandLine= in systemd.unit5 for details. Architecture= Checks whether the system is running on a specific architecture. See ConditionArchitecture= in systemd.unit5 for details. [NetDev] Section Options The [NetDev] section accepts the following keys: Description= A free-form description of the netdev. Name= The interface name used when creating the netdev. This option is compulsory. Kind= The netdev kind. Currently, bridge, bond, vlan, macvlan, vxlan, ipip, gre, sit, vti, veth are supported. This option is compulsory. MTUBytes= The maximum transmission unit in bytes to set for the device. The usual suffixes K, M, G, are supported and are understood to the base of 1024. MACAddress= The MAC address to use for the device. If none is given, one is generated based on the interface name and the machine-id5. [VLAN] Section Options The [VLAN] section only applies for netdevs of kind vlan, and accepts the following key: Id= The VLAN ID to use. An integer in the range 0–4094. This option is compulsory. [MACVLAN] Section Options The [MACVLAN] section only applies for netdevs of kind macvlan, and accepts the following key: Mode= The MACVLAN mode to use. The supported options are private, vepa, bridge and passthru. [VXLAN] Section Options The [VXLAN] section only applies for netdevs of kind vxlan, and accepts the following key: Id= The VXLAN ID to use. Group= An assigned multicast group IP address. TOS= The Type Of Service byte value for a vxlan interface. TTL= A fixed Time To Live N on Virtual eXtensible Local Area Network packets. N is a number in the range 1-255. 0 is a special value meaning that packets inherit the TTL value. MacLearning= A boolean. When true, enables dynamic MAC learning to discover remote MAC addresses. [Tunnel] Section Options The [Tunnel] section only applies for netdevs of kind ipip, sit, gre and vti and accepts the following keys: Local= A static local address for tunneled packets. It must be an address on another interface of this host. Remote= The remote endpoint of the tunnel. TOS= The Type Of Service byte value for a tunnel interface. For details about the TOS see the Type of Service in the Internet Protocol Suite document. TTL= A fixed Time To Live N on tunneled packets. N is a number in the range 1-255. 0 is a special value meaning that packets inherit the TTL value. The default value for IPv4 tunnels is: inherit. The default value for IPv6 tunnels is: 64. DiscoverPathMTU= A boolean. When true, enables Path MTU Discovery on the tunnel. [Peer] Section Options The [Peer] section only applies for netdevs of kind veth and accepts the following key: Name= The interface name used when creating the netdev. This option is compulsory. MACAddress= The peer MACAddress, if not set it is generated in the same way as the MAC address of the main interface. Example /etc/systemd/network/bridge.netdev [NetDev] Name=bridge0 Kind=bridge /etc/systemd/network/vlan1.netdev [Match] Virtualization=no [NetDev] Name=vlan1 Kind=vlan [VLAN] Id=1 /etc/systemd/network/ipip.netdev [NetDev] Name=ipip-tun Kind=ipip MTUBytes=1480 [Tunnel] Local=192.168.223.238 Remote=192.169.224.239 TTL=64 /etc/systemd/network/sit.netdev [NetDev] Name=sit-tun Kind=sit MTUBytes=1480 [Tunnel] Local=10.65.223.238 Remote=10.65.223.239 /etc/systemd/network/gre.netdev [NetDev] Name=gre-tun Kind=gre MTUBytes=1480 [Tunnel] Local=10.65.223.238 Remote=10.65.223.239 /etc/systemd/network/vti.netdev [NetDev] Name=vti-tun Kind=vti MTUBytes=1480 [Tunnel] Local=10.65.223.238 Remote=10.65.223.239 /etc/systemd/network/veth.netdev [NetDev] Name=veth-test Kind=veth [Peer] Name=veth-peer See Also systemd1, systemd-networkd8, systemd.network5