diff options
Diffstat (limited to '')
-rw-r--r-- | man/systemd.link.xml | 1250 |
1 files changed, 1250 insertions, 0 deletions
diff --git a/man/systemd.link.xml b/man/systemd.link.xml new file mode 100644 index 0000000..cc55b02 --- /dev/null +++ b/man/systemd.link.xml @@ -0,0 +1,1250 @@ +<?xml version='1.0'?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> +<!-- SPDX-License-Identifier: LGPL-2.1-or-later --> + +<refentry id="systemd.link"> + <refentryinfo> + <title>systemd.link</title> + <productname>systemd</productname> + </refentryinfo> + + <refmeta> + <refentrytitle>systemd.link</refentrytitle> + <manvolnum>5</manvolnum> + </refmeta> + + <refnamediv> + <refname>systemd.link</refname> + <refpurpose>Network device configuration</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <para><filename><replaceable>link</replaceable>.link</filename></para> + </refsynopsisdiv> + + <refsect1> + <title>Description</title> + + <para>A plain ini-style text file that encodes configuration for matching network devices, used by + <citerefentry><refentrytitle>systemd-udevd</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in + particular its <command>net_setup_link</command> builtin. See + <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>7</manvolnum></citerefentry> for a + general description of the syntax.</para> + + <para>The <filename>.link</filename> files are read from the files located in the system network + directory <filename>/usr/lib/systemd/network</filename> and + <filename>/usr/local/lib/systemd/network</filename>, the volatile runtime network directory + <filename>/run/systemd/network</filename>, and the local administration network directory + <filename>/etc/systemd/network</filename>. All configuration files are collectively sorted and + processed in alphanumeric order, regardless of the directories in which they live. However, files + with identical filenames replace each other. It is recommended that each filename is prefixed with + a number (e.g. <filename>10-eth0.link</filename>). Otherwise, the default + <filename>.link</filename> files or those generated by + <citerefentry><refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> + may take precedence over user configured files. Files in <filename>/etc/</filename> have the + highest priority, files in <filename>/run/</filename> take precedence over files with the same name + in <filename>/usr/lib/</filename>. This can be used to override a system-supplied link file with a + local file if needed. As a special case, an empty file (file size 0) or symlink with the same name + pointing to <filename>/dev/null</filename> disables the configuration file entirely (it is + "masked").</para> + + <para>Along with the link file <filename>foo.link</filename>, a "drop-in" directory + <filename>foo.link.d/</filename> may exist. All files with the suffix <literal>.conf</literal> + from this directory will be merged in the alphanumeric order and parsed after the main file itself + has been parsed. This is useful to alter or add configuration settings, without having to modify + the main configuration file. Each drop-in file must have appropriate section headers.</para> + + <para>In addition to <filename>/etc/systemd/network</filename>, drop-in <literal>.d</literal> + directories can be placed in <filename>/usr/lib/systemd/network</filename> or + <filename>/run/systemd/network</filename> directories. Drop-in files in <filename>/etc/</filename> + take precedence over those in <filename>/run/</filename> which in turn take precedence over those + in <filename>/usr/lib/</filename>. Drop-in files under any of these directories take precedence + over the main link file wherever located.</para> + + <para>The link file contains a [Match] section, which determines if a given link file may be applied to a + given device, as well as a [Link] section specifying how the device should be configured. The first (in + lexical order) of the link files that matches a given device is applied. Note that a default file + <filename>99-default.link</filename> is shipped by the system. Any user-supplied + <filename>.link</filename> should hence have a lexically earlier name to be considered at all.</para> + + <para>See <citerefentry><refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum></citerefentry> for + diagnosing problems with <filename>.link</filename> files.</para> + </refsect1> + + <refsect1> + <title>[Match] Section Options</title> + + <para>A link file is said to match an interface if all matches specified by the [Match] section are + satisfied. When a link file does not contain valid settings in [Match] section, then the file will + match all interfaces and <command>systemd-udevd</command> warns about that. Hint: to avoid the + warning and to make it clear that all interfaces shall be matched, add the following: + <programlisting>OriginalName=*</programlisting> + The first (in alphanumeric order) of the link files that matches a given interface is applied, all + later files are ignored, even if they match as well. The following keys are accepted:</para> + + <variablelist class='network-directives'> + <!-- This list is reused in systemd.network(3), hence maintain a specific order: + 1. device matches shared between the two lists + 2. non-shared settings + 3. host matches shared between the two lists + --> + + <varlistentry id='mac-address'> + <term><varname>MACAddress=</varname></term> + <listitem> + <para>A whitespace-separated list of hardware addresses. The acceptable formats are:</para> + + <variablelist> + <varlistentry> + <term><option>colon-delimited hexadecimal</option></term> + <listitem><para> + Each field must be one byte. + E.g. <literal>12:34:56:78:90:ab</literal> or <literal>AA:BB:CC:DD:EE:FF</literal>. + </para></listitem> + </varlistentry> + <varlistentry> + <term><option>hyphen-delimited hexadecimal</option></term> + <listitem><para> + Each field must be one byte. + E.g. <literal>12-34-56-78-90-ab</literal> or <literal>AA-BB-CC-DD-EE-FF</literal>. + </para></listitem> + </varlistentry> + <varlistentry> + <term><option>dot-delimited hexadecimal</option></term> + <listitem><para> + Each field must be two bytes. + E.g. <literal>1234.5678.90ab</literal> or <literal>AABB.CCDD.EEFF</literal>. + </para></listitem> + </varlistentry> + <varlistentry> + <term><option>IPv4 address format</option></term> + <listitem><para> + E.g. <literal>127.0.0.1</literal> or <literal>192.168.0.1</literal>. + </para></listitem> + </varlistentry> + <varlistentry> + <term><option>IPv6 address format</option></term> + <listitem><para> + E.g. <literal>2001:0db8:85a3::8a2e:0370:7334</literal> or <literal>::1</literal>. + </para></listitem> + </varlistentry> + </variablelist> + + <para>The total length of each MAC address must be 4 (for IPv4 tunnel), 6 (for Ethernet), 16 + (for IPv6 tunnel), or 20 (for InfiniBand). This option may appear more than once, in which + case the lists are merged. If the empty string is assigned to this option, the list of + hardware addresses defined prior to this is reset. Defaults to unset.</para> + </listitem> + </varlistentry> + + <varlistentry id='permanent-mac-address'> + <term><varname>PermanentMACAddress=</varname></term> + <listitem> + <para>A whitespace-separated list of hardware's permanent addresses. While + <varname>MACAddress=</varname> matches the device's current MAC address, this matches the + device's permanent MAC address, which may be different from the current one. Use full + colon-, hyphen- or dot-delimited hexadecimal, or IPv4 or IPv6 address format. This option may + appear more than once, in which case the lists are merged. If the empty string is assigned to + this option, the list of hardware addresses defined prior to this is reset. Defaults to + unset.</para> + </listitem> + </varlistentry> + + <varlistentry id='path'> + <term><varname>Path=</varname></term> + <listitem> + <para>A whitespace-separated list of shell-style globs matching + the persistent path, as exposed by the udev property + <varname>ID_PATH</varname>.</para> + </listitem> + </varlistentry> + + <varlistentry id='driver'> + <term><varname>Driver=</varname></term> + <listitem> + <para>A whitespace-separated list of shell-style globs matching the driver currently bound to the + device, as exposed by the udev property <varname>ID_NET_DRIVER</varname> of its parent device, or + if that is not set, the driver as exposed by <command>ethtool -i</command> of the device itself. + If the list is prefixed with a "!", the test is inverted.</para> + </listitem> + </varlistentry> + + <varlistentry id='type'> + <term><varname>Type=</varname></term> + <listitem> + <para>A whitespace-separated list of shell-style globs matching the device type, as exposed by + <command>networkctl list</command>. If the list is prefixed with a "!", the test is inverted. + Some valid values are <literal>ether</literal>, <literal>loopback</literal>, <literal>wlan</literal>, <literal>wwan</literal>. + Valid types are named either from the udev <literal>DEVTYPE</literal> attribute, or + <literal>ARPHRD_</literal> macros in <filename>linux/if_arp.h</filename>, so this is not comprehensive. + </para> + </listitem> + </varlistentry> + + <varlistentry id='kind'> + <term><varname>Kind=</varname></term> + <listitem> + <para>A whitespace-separated list of shell-style globs matching the device kind, as exposed by + <command>networkctl status <replaceable>INTERFACE</replaceable></command> or + <command>ip -d link show <replaceable>INTERFACE</replaceable></command>. If the list is + prefixed with a "!", the test is inverted. Some valid values are <literal>bond</literal>, + <literal>bridge</literal>, <literal>gre</literal>, <literal>tun</literal>, + <literal>veth</literal>. Valid kinds are given by netlink's <literal>IFLA_INFO_KIND</literal> + attribute, so this is not comprehensive. + </para> + </listitem> + </varlistentry> + + <varlistentry id='property'> + <term><varname>Property=</varname></term> + <listitem> + <para>A whitespace-separated list of udev property names with their values after equals sign + (<literal>=</literal>). If multiple properties are specified, the test results are ANDed. + If the list is prefixed with a "!", the test is inverted. If a value contains white + spaces, then please quote whole key and value pair. If a value contains quotation, then + please escape the quotation with <literal>\</literal>.</para> + + <para>Example: if a .link file has the following: + <programlisting>Property=ID_MODEL_ID=9999 "ID_VENDOR_FROM_DATABASE=vendor name" "KEY=with \"quotation\""</programlisting> + then, the .link file matches only when an interface has all the above three properties. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>OriginalName=</varname></term> + <listitem> + <para>A whitespace-separated list of shell-style globs matching the device name, as exposed by the + udev property "INTERFACE". This cannot be used to match on names that have already been changed + from userspace. Caution is advised when matching on kernel-assigned names, as they are known to be + unstable between reboots.</para> + </listitem> + </varlistentry> + + <varlistentry id='host'> + <term><varname>Host=</varname></term> + <listitem> + <para>Matches against the hostname or machine ID of the host. See <varname>ConditionHost=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='virtualization'> + <term><varname>Virtualization=</varname></term> + <listitem> + <para>Checks whether the system is executed in a virtualized environment and optionally test + whether it is a specific implementation. See <varname>ConditionVirtualization=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='kernel-command-line'> + <term><varname>KernelCommandLine=</varname></term> + <listitem> + <para>Checks whether a specific kernel command line option is set. See + <varname>ConditionKernelCommandLine=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='kernel-version'> + <term><varname>KernelVersion=</varname></term> + <listitem> + <para>Checks whether the kernel version (as reported by <command>uname -r</command>) matches a certain + expression. See <varname>ConditionKernelVersion=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for + details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='credential'> + <term><varname>Credential=</varname></term> + <listitem> + <para>Checks whether the specified credential was passed to the + <filename>systemd-networkd.service</filename> service. See <ulink + url="https://systemd.io/CREDENTIALS">System and Service Credentials</ulink> for details. When + prefixed with an exclamation mark (<literal>!</literal>), the result is negated. If an empty + string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='architecture'> + <term><varname>Architecture=</varname></term> + <listitem> + <para>Checks whether the system is running on a specific architecture. See + <varname>ConditionArchitecture=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + + <varlistentry id='firmware'> + <term><varname>Firmware=</varname></term> + <listitem> + <para>Checks whether the system is running on a machine with the specified firmware. See + <varname>ConditionFirmware=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated. + If an empty string is assigned, the previously assigned value is cleared. + </para> + </listitem> + </varlistentry> + </variablelist> + + </refsect1> + + <refsect1> + <title>[Link] Section Options</title> + + <para>The [Link] section accepts the following + keys:</para> + + <variablelist class='network-directives'> + <varlistentry> + <term><varname>Description=</varname></term> + <listitem> + <para>A description of the device.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Alias=</varname></term> + <listitem> + <para>The <varname>ifalias</varname> interface property is set to this value.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>MACAddressPolicy=</varname></term> + <listitem> + <para>The policy by which the MAC address should be set. The + available policies are: + </para> + + <variablelist> + <varlistentry> + <term><option>persistent</option></term> + <listitem> + <para>If the hardware has a persistent MAC address, as + most hardware should, and if it is used by the kernel, + nothing is done. Otherwise, a new MAC address is + generated which is guaranteed to be the same on every + boot for the given machine and the given device, but + which is otherwise random. This feature depends on ID_NET_NAME_* + properties to exist for the link. On hardware where these + properties are not set, the generation of a persistent MAC address + will fail.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>random</option></term> + <listitem> + <para>If the kernel is using a random MAC address, + nothing is done. Otherwise, a new address is randomly + generated each time the device appears, typically at + boot. Either way, the random address will have the + <literal>unicast</literal> and + <literal>locally administered</literal> bits set.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>none</option></term> + <listitem> + <para>Keeps the MAC address assigned by the kernel. Or use the MAC address specified in + <varname>MACAddress=</varname>.</para> + </listitem> + </varlistentry> + </variablelist> + + <para>An empty string assignment is equivalent to setting <literal>none</literal>.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>MACAddress=</varname></term> + <listitem> + <para>The interface MAC address to use. For this setting to take effect, + <varname>MACAddressPolicy=</varname> must either be unset, empty, or <literal>none</literal>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>NamePolicy=</varname></term> + <listitem> + <para>An ordered, space-separated list of policies by which the interface name should be set. + <varname>NamePolicy=</varname> may be disabled by specifying <option>net.ifnames=0</option> on the + kernel command line. Each of the policies may fail, and the first successful one is used. The name + is not set directly, but is exported to udev as the property <option>ID_NET_NAME</option>, which + is, by default, used by a + <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>, + rule to set <varname>NAME</varname>. The available policies are: + </para> + + <variablelist> + <varlistentry> + <term><option>kernel</option></term> + <listitem> + <para>If the kernel claims that the name it has set + for a device is predictable, then no renaming is + performed.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>database</option></term> + <listitem> + <para>The name is set based on entries in the udev's + Hardware Database with the key + <varname>ID_NET_NAME_FROM_DATABASE</varname>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>onboard</option></term> + <listitem> + <para>The name is set based on information given by + the firmware for on-board devices, as exported by the + udev property <varname>ID_NET_NAME_ONBOARD</varname>. + See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>slot</option></term> + <listitem> + <para>The name is set based on information given by + the firmware for hot-plug devices, as exported by the + udev property <varname>ID_NET_NAME_SLOT</varname>. + See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>path</option></term> + <listitem> + <para>The name is set based on the device's physical + location, as exported by the udev property + <varname>ID_NET_NAME_PATH</varname>. + See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>mac</option></term> + <listitem> + <para>The name is set based on the device's persistent + MAC address, as exported by the udev property + <varname>ID_NET_NAME_MAC</varname>. + See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>keep</option></term> + <listitem> + <para>If the device already had a name given by userspace (as part of creation of the device + or a rename), keep it.</para> + </listitem> + </varlistentry> + </variablelist> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Name=</varname></term> + <listitem> + <para>The interface name to use. This option has lower precedence than + <varname>NamePolicy=</varname>, so for this setting to take effect, <varname>NamePolicy=</varname> + must either be unset, empty, disabled, or all policies configured there must fail. Also see the + example below with <literal>Name=dmz0</literal>.</para> + + <para>Note that specifying a name that the kernel might use for another interface (for example + <literal>eth0</literal>) is dangerous because the name assignment done by udev will race with the + assignment done by the kernel, and only one interface may use the name. Depending on the order of + operations, either udev or the kernel will win, making the naming unpredictable. It is best to use + some different prefix, for example <literal>internal0</literal>/<literal>external0</literal> or + <literal>lan0</literal>/<literal>lan1</literal>/<literal>lan3</literal>.</para> + + <para>Interface names must have a minimum length of 1 character and a maximum length of 15 + characters, and may contain any 7bit ASCII character, with the exception of control characters, + <literal>:</literal>, <literal>/</literal> and <literal>%</literal>. While <literal>.</literal> is + an allowed character, it's recommended to avoid it when naming interfaces as various tools (such as + <citerefentry><refentrytitle>resolvconf</refentrytitle><manvolnum>1</manvolnum></citerefentry>) use + it as separator character. Also, fully numeric interface names are not allowed (in order to avoid + ambiguity with interface specification by numeric indexes), as are the special strings + <literal>.</literal>, <literal>..</literal>, <literal>all</literal> and + <literal>default</literal>.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>AlternativeNamesPolicy=</varname></term> + <listitem> + <para>A space-separated list of policies by which the interface's alternative names + should be set. Each of the policies may fail, and all successful policies are used. The + available policies are <literal>database</literal>, <literal>onboard</literal>, + <literal>slot</literal>, <literal>path</literal>, and <literal>mac</literal>. If the + kernel does not support the alternative names, then this setting will be ignored. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>AlternativeName=</varname></term> + <listitem> + <para>The alternative interface name to use. This option can be specified multiple times. + If the empty string is assigned to this option, the list is reset, and all prior assignments + have no effect. If the kernel does not support the alternative names, then this setting will + be ignored.</para> + + <para>Alternative interface names may be used to identify interfaces in various tools. In contrast + to the primary name (as configured with <varname>Name=</varname> above) there may be multiple + alternative names referring to the same interface. Alternative names may have a maximum length of + 127 characters, in contrast to the 15 allowed for the primary interface name, but otherwise are + subject to the same naming constraints.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TransmitQueues=</varname></term> + <listitem> + <para>Specifies the device's number of transmit queues. An integer in the range 1…4096. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>ReceiveQueues=</varname></term> + <listitem> + <para>Specifies the device's number of receive queues. An integer in the range 1…4096. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TransmitQueueLength=</varname></term> + <listitem> + <para>Specifies the transmit queue length of the device in number of packets. An unsigned integer + in the range 0…4294967294. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>MTUBytes=</varname></term> + <listitem> + <para>The maximum transmission unit in bytes to set for the + device. The usual suffixes K, M, G are supported and are + understood to the base of 1024.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>BitsPerSecond=</varname></term> + <listitem> + <para>The speed to set for the device, the value is rounded + down to the nearest Mbps. The usual suffixes K, M, G are + supported and are understood to the base of 1000.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Duplex=</varname></term> + <listitem> + <para>The duplex mode to set for the device. The accepted values are <option>half</option> and + <option>full</option>.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>AutoNegotiation=</varname></term> + <listitem> + <para>Takes a boolean. If set to yes, automatic negotiation of transmission parameters is enabled. + Autonegotiation is a procedure by which two connected ethernet devices choose + common transmission parameters, such as speed, duplex mode, and flow control. + When unset, the kernel's default will be used.</para> + + <para>Note that if autonegotiation is enabled, speed and duplex settings are + read-only. If autonegotiation is disabled, speed and duplex settings are writable + if the driver supports multiple link modes.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>WakeOnLan=</varname></term> + <listitem> + <para>The Wake-on-LAN policy to set for the device. Takes the special value + <literal>off</literal> which disables Wake-on-LAN, or space separated list of the following + words:</para> + + <variablelist> + <varlistentry> + <term><option>phy</option></term> + <listitem> + <para>Wake on PHY activity.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>unicast</option></term> + <listitem> + <para>Wake on unicast messages.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>multicast</option></term> + <listitem> + <para>Wake on multicast messages.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>broadcast</option></term> + <listitem> + <para>Wake on broadcast messages.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>arp</option></term> + <listitem> + <para>Wake on ARP.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>magic</option></term> + <listitem> + <para>Wake on receipt of a magic packet. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>secureon</option></term> + <listitem> + <para>Enable SecureOn password for MagicPacket. Implied when + <varname>WakeOnLanPassword=</varname> is specified. If specified without + <varname>WakeOnLanPassword=</varname> option, then the password is read from the + credential <literal><replaceable>LINK</replaceable>.link.wol.password</literal> (e.g., + <literal>60-foo.link.wol.password</literal>), and if the credential not found, then + read from <literal>wol.password</literal>. See + <varname>LoadCredential=</varname>/<varname>SetCredential=</varname> in + <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>1</manvolnum></citerefentry> + for details. The password in the credential, must be 6 bytes in hex format with each + byte separated by a colon (<literal>:</literal>) like an Ethernet MAC address, e.g., + <literal>aa:bb:cc:dd:ee:ff</literal>.</para> + </listitem> + </varlistentry> + </variablelist> + + <para>Defaults to unset, and the device's default will be used. This setting can be specified + multiple times. If an empty string is assigned, then the all previous assignments are + cleared.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>WakeOnLanPassword=</varname></term> + <listitem> + <para>Specifies the SecureOn password for MagicPacket. Takes an absolute path to a regular + file or an <constant>AF_UNIX</constant> stream socket, or the plain password. When a path to + a regular file is specified, the password is read from it. When an + <constant>AF_UNIX</constant> stream socket is specified, a connection is made to it and the + password is read from it. The password must be 6 bytes in hex format with each byte separated + by a colon (<literal>:</literal>) like an Ethernet MAC address, e.g., + <literal>aa:bb:cc:dd:ee:ff</literal>. This implies <varname>WakeOnLan=secureon</varname>. + Defaults to unset, and the current value will not be changed.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Port=</varname></term> + <listitem> + <para>The port option is used to select the device port. The + supported values are:</para> + + <variablelist> + <varlistentry> + <term><option>tp</option></term> + <listitem> + <para>An Ethernet interface using Twisted-Pair cable as the medium.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>aui</option></term> + <listitem> + <para>Attachment Unit Interface (AUI). Normally used with hubs. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>bnc</option></term> + <listitem> + <para>An Ethernet interface using BNC connectors and co-axial cable.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>mii</option></term> + <listitem> + <para>An Ethernet interface using a Media Independent Interface (MII).</para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>fibre</option></term> + <listitem> + <para>An Ethernet interface using Optical Fibre as the medium.</para> + </listitem> + </varlistentry> + </variablelist> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Advertise=</varname></term> + <listitem> + <para>This sets what speeds and duplex modes of operation are advertised for auto-negotiation. + This implies <literal>AutoNegotiation=yes</literal>. The supported values are: + + <table> + <title>Supported advertise values</title> + <tgroup cols='3'> + <colspec colname='Advertise' /> + <colspec colname='Speed' /> + <colspec colname='Duplex Mode' /> + + <thead><row> + <entry>Advertise</entry> + <entry>Speed (Mbps)</entry> + <entry>Duplex Mode</entry> + </row></thead> + <tbody> + <row><entry><option>10baset-half</option></entry> + <entry>10</entry><entry>half</entry></row> + + <row><entry><option>10baset-full</option></entry> + <entry>10</entry><entry>full</entry></row> + + <row><entry><option>100baset-half</option></entry> + <entry>100</entry><entry>half</entry></row> + + <row><entry><option>100baset-full</option></entry> + <entry>100</entry><entry>full</entry></row> + + <row><entry><option>1000baset-half</option></entry> + <entry>1000</entry><entry>half</entry></row> + + <row><entry><option>1000baset-full</option></entry> + <entry>1000</entry><entry>full</entry></row> + + <row><entry><option>10000baset-full</option></entry> + <entry>10000</entry><entry>full</entry></row> + + <row><entry><option>2500basex-full</option></entry> + <entry>2500</entry><entry>full</entry></row> + + <row><entry><option>1000basekx-full</option></entry> + <entry>1000</entry><entry>full</entry></row> + + <row><entry><option>10000basekx4-full</option></entry> + <entry>10000</entry><entry>full</entry></row> + + <row><entry><option>10000basekr-full</option></entry> + <entry>10000</entry><entry>full</entry></row> + + <row><entry><option>10000baser-fec</option></entry> + <entry>10000</entry><entry>full</entry></row> + + <row><entry><option>20000basemld2-full</option></entry> + <entry>20000</entry><entry>full</entry></row> + + <row><entry><option>20000basekr2-full</option></entry> + <entry>20000</entry><entry>full</entry></row> + </tbody> + </tgroup> + </table> + + By default this is unset, i.e. all possible modes will be advertised. + This option may be specified more than once, in which case all specified speeds and modes are advertised. + If the empty string is assigned to this option, the list is reset, and all prior assignments have no effect. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>ReceiveChecksumOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, hardware offload for checksumming of ingress + network packets is enabled. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TransmitChecksumOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, hardware offload for checksumming of egress + network packets is enabled. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TCPSegmentationOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, TCP Segmentation Offload (TSO) is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TCP6SegmentationOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, TCP6 Segmentation Offload (tx-tcp6-segmentation) is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>GenericSegmentationOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, Generic Segmentation Offload (GSO) is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>GenericReceiveOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, Generic Receive Offload (GRO) is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>GenericReceiveOffloadHardware=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, hardware accelerated Generic Receive Offload (GRO) is + enabled. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>LargeReceiveOffload=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, Large Receive Offload (LRO) is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>ReceiveVLANCTAGHardwareAcceleration=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, receive VLAN CTAG hardware acceleration is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TransmitVLANCTAGHardwareAcceleration=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, transmit VLAN CTAG hardware acceleration is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>ReceiveVLANCTAGFilter=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, receive filtering on VLAN CTAGs is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TransmitVLANSTAGHardwareAcceleration=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, transmit VLAN STAG hardware acceleration is enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>NTupleFilter=</varname></term> + <listitem> + <para>Takes a boolean. If set to true, receive N-tuple filters and actions are enabled. + When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RxChannels=</varname></term> + <term><varname>TxChannels=</varname></term> + <term><varname>OtherChannels=</varname></term> + <term><varname>CombinedChannels=</varname></term> + <listitem> + <para>Specifies the number of receive, transmit, other, or combined channels, respectively. + Takes an unsigned integer in the range 1…4294967295 or <literal>max</literal>. If set to + <literal>max</literal>, the advertised maximum value of the hardware will be used. When + unset, the number will not be changed. Defaults to unset.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RxBufferSize=</varname></term> + <term><varname>RxMiniBufferSize=</varname></term> + <term><varname>RxJumboBufferSize=</varname></term> + <term><varname>TxBufferSize=</varname></term> + <listitem> + <para>Specifies the maximum number of pending packets in the NIC receive buffer, mini receive + buffer, jumbo receive buffer, or transmit buffer, respectively. Takes an unsigned integer in + the range 1…4294967295 or <literal>max</literal>. If set to <literal>max</literal>, the + advertised maximum value of the hardware will be used. When unset, the number will not be + changed. Defaults to unset.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RxFlowControl=</varname></term> + <listitem> + <para>Takes a boolean. When set, enables receive flow control, also known as the ethernet + receive PAUSE message (generate and send ethernet PAUSE frames). When unset, the kernel's + default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>TxFlowControl=</varname></term> + <listitem> + <para>Takes a boolean. When set, enables transmit flow control, also known as the ethernet + transmit PAUSE message (respond to received ethernet PAUSE frames). When unset, the kernel's + default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>AutoNegotiationFlowControl=</varname></term> + <listitem> + <para>Takes a boolean. When set, auto negotiation enables the interface to exchange state + advertisements with the connected peer so that the two devices can agree on the ethernet + PAUSE configuration. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>GenericSegmentOffloadMaxBytes=</varname></term> + <listitem> + <para>Specifies the maximum size of a Generic Segment Offload (GSO) packet the + device should accept. The usual suffixes K, M, G are supported and are + understood to the base of 1024. An unsigned integer in the range 1…65536. + Defaults to unset.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>GenericSegmentOffloadMaxSegments=</varname></term> + <listitem> + <para>Specifies the maximum number of Generic Segment Offload (GSO) segments the device should + accept. An unsigned integer in the range 1…65535. Defaults to unset.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>UseAdaptiveRxCoalesce=</varname></term> + <term><varname>UseAdaptiveTxCoalesce=</varname></term> + <listitem> + <para>Boolean properties that, when set, enable/disable adaptive Rx/Tx coalescing if the hardware + supports it. When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RxCoalesceSec=</varname></term> + <term><varname>RxCoalesceIrqSec=</varname></term> + <term><varname>RxCoalesceLowSec=</varname></term> + <term><varname>RxCoalesceHighSec=</varname></term> + <term><varname>TxCoalesceSec=</varname></term> + <term><varname>TxCoalesceIrqSec=</varname></term> + <term><varname>TxCoalesceLowSec=</varname></term> + <term><varname>TxCoalesceHighSec=</varname></term> + <listitem> + <para>These properties configure the delay before Rx/Tx interrupts are generated after a packet is + sent/received. The <literal>Irq</literal> properties come into effect when the host is servicing an + IRQ. The <literal>Low</literal> and <literal>High</literal> properties come into effect when the + packet rate drops below the low packet rate threshold or exceeds the high packet rate threshold + respectively if adaptive Rx/Tx coalescing is enabled. When unset, the kernel's defaults will be + used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RxMaxCoalescedFrames=</varname></term> + <term><varname>RxMaxCoalescedIrqFrames=</varname></term> + <term><varname>RxMaxCoalescedLowFrames=</varname></term> + <term><varname>RxMaxCoalescedHighFrames=</varname></term> + <term><varname>TxMaxCoalescedFrames=</varname></term> + <term><varname>TxMaxCoalescedIrqFrames=</varname></term> + <term><varname>TxMaxCoalescedLowFrames=</varname></term> + <term><varname>TxMaxCoalescedHighFrames=</varname></term> + <listitem> + <para>These properties configure the maximum number of frames that are sent/received before a Rx/Tx + interrupt is generated. The <literal>Irq</literal> properties come into effect when the host is + servicing an IRQ. The <literal>Low</literal> and <literal>High</literal> properties come into + effect when the packet rate drops below the low packet rate threshold or exceeds the high packet + rate threshold respectively if adaptive Rx/Tx coalescing is enabled. When unset, the kernel's + defaults will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>CoalescePacketRateLow=</varname></term> + <term><varname>CoalescePacketRateHigh=</varname></term> + <listitem> + <para>These properties configure the low and high packet rate (expressed in packets per second) + threshold respectively and are used to determine when the corresponding coalescing settings for low + and high packet rates come into effect if adaptive Rx/Tx coalescing is enabled. If unset, the + kernel's defaults will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>CoalescePacketRateSampleIntervalSec=</varname></term> + <listitem> + <para>Configures how often to sample the packet rate used for adaptive Rx/Tx coalescing. This + property cannot be zero. This lowest time granularity supported by this property is seconds. + Partial seconds will be rounded up before being passed to the kernel. If unset, the kernel's + default will be used.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>StatisticsBlockCoalesceSec=</varname></term> + <listitem> + <para>How long to delay driver in-memory statistics block updates. If the driver does not have an + in-memory statistic block, this property is ignored. This property cannot be zero. If unset, the + kernel's default will be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>MDI=</varname></term> + <listitem> + <para>Specifies the medium dependent interface (MDI) mode for the interface. A MDI describes + the interface from a physical layer implementation to the physical medium used to carry the + transmission. Takes one of the following words: <literal>straight</literal> (or equivalently: + <literal>mdi</literal>), <literal>crossover</literal> (or equivalently: + <literal>mdi-x</literal>, <literal>mdix</literal>), and <literal>auto</literal>. When + <literal>straight</literal>, the MDI straight through mode will be used. When + <literal>crossover</literal>, the MDI crossover (MDI-X) mode will be used. When + <literal>auto</literal>, the MDI status is automatically detected. Defaults to unset, and the + kernel's default will be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>SR-IOVVirtualFunctions=</varname></term> + <listitem> + <para>Specifies the number of SR-IOV virtual functions. Takes an integer in the range + 0…2147483647. Defaults to unset, and automatically determined from the values specified in + the <varname>VirtualFunction=</varname> settings in the [SR-IOV] sections.</para> + </listitem> + </varlistentry> + + </variablelist> + </refsect1> + + <refsect1 id='sr-iov'> + <title>[SR-IOV] Section Options</title> + <para>The [SR-IOV] section accepts the following keys. Specify several [SR-IOV] sections to + configure several SR-IOVs. SR-IOV provides the ability to partition a single physical PCI resource + into virtual PCI functions which can then be injected into a VM. In the case of network VFs, SR-IOV + improves north-south network performance (that is, traffic with endpoints outside the host machine) + by allowing traffic to bypass the host machine’s network stack.</para> + + <variablelist class='network-directives'> + <varlistentry> + <term><varname>VirtualFunction=</varname></term> + <listitem> + <para>Specifies a Virtual Function (VF), lightweight PCIe function designed solely to move + data in and out. Takes an integer in the range 0…2147483646. This option is compulsory. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>VLANId=</varname></term> + <listitem> + <para>Specifies VLAN ID of the virtual function. Takes an integer in the range 1…4095.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>QualityOfService=</varname></term> + <listitem> + <para>Specifies quality of service of the virtual function. Takes an integer in the range + 1…4294967294.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>VLANProtocol=</varname></term> + <listitem> + <para>Specifies VLAN protocol of the virtual function. Takes <literal>802.1Q</literal> or + <literal>802.1ad</literal>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>MACSpoofCheck=</varname></term> + <listitem> + <para>Takes a boolean. Controls the MAC spoof checking. When unset, the kernel's default will + be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>QueryReceiveSideScaling=</varname></term> + <listitem> + <para>Takes a boolean. Toggle the ability of querying the receive side scaling (RSS) + configuration of the virtual function (VF). The VF RSS information like RSS hash key may be + considered sensitive on some devices where this information is shared between VF and the + physical function (PF). When unset, the kernel's default will be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>Trust=</varname></term> + <listitem> + <para>Takes a boolean. Allows one to set trust mode of the virtual function (VF). When set, + VF users can set a specific feature which may impact security and/or performance. When unset, + the kernel's default will be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>LinkState=</varname></term> + <listitem> + <para>Allows one to set the link state of the virtual function (VF). Takes a boolean or a + special value <literal>auto</literal>. Setting to <literal>auto</literal> means a + reflection of the physical function (PF) link state, <literal>yes</literal> lets the VF to + communicate with other VFs on this host even if the PF link state is down, + <literal>no</literal> causes the hardware to drop any packets sent by the VF. When unset, + the kernel's default will be used.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>MACAddress=</varname></term> + <listitem> + <para>Specifies the MAC address for the virtual function.</para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1> + <title>Examples</title> + + <example> + <title>/usr/lib/systemd/network/99-default.link</title> + + <para>The link file <filename>99-default.link</filename> that is + shipped with systemd defines the default naming policy for + links.</para> + + <programlisting>[Link] +NamePolicy=kernel database onboard slot path +MACAddressPolicy=persistent</programlisting> + </example> + + <example> + <title>/etc/systemd/network/10-dmz.link</title> + + <para>This example assigns the fixed name <literal>dmz0</literal> to the interface with the MAC address + 00:a0:de:63:7a:e6:</para> + + <programlisting>[Match] +MACAddress=00:a0:de:63:7a:e6 + +[Link] +Name=dmz0</programlisting> + + <para><varname>NamePolicy=</varname> is not set, so <varname>Name=</varname> takes effect. We use the + <literal>10-</literal> prefix to order this file early in the list. Note that it needs to be before + <literal>99-link</literal>, i.e. it needs a numerical prefix, to have any effect at all.</para> + </example> + + <example> + <title>Debugging <varname>NamePolicy=</varname> assignments</title> + + <programlisting>$ sudo SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/hub0 +… +Parsed configuration file /usr/lib/systemd/network/99-default.link +Parsed configuration file /etc/systemd/network/10-eth0.link +ID_NET_DRIVER=cdc_ether +Config file /etc/systemd/network/10-eth0.link applies to device hub0 +link_config: autonegotiation is unset or enabled, the speed and duplex are not writable. +hub0: Device has name_assign_type=4 +Using default interface naming scheme 'v240'. +hub0: Policies didn't yield a name, using specified Name=hub0. +ID_NET_LINK_FILE=/etc/systemd/network/10-eth0.link +ID_NET_NAME=hub0 +…</programlisting> + + <para>Explicit <varname>Name=</varname> configuration wins in this case.</para> + + <programlisting>sudo SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/enp0s31f6 +… +Parsed configuration file /usr/lib/systemd/network/99-default.link +Parsed configuration file /etc/systemd/network/10-eth0.link +Created link configuration context. +ID_NET_DRIVER=e1000e +Config file /usr/lib/systemd/network/99-default.link applies to device enp0s31f6 +link_config: autonegotiation is unset or enabled, the speed and duplex are not writable. +enp0s31f6: Device has name_assign_type=4 +Using default interface naming scheme 'v240'. +enp0s31f6: Policy *keep*: keeping existing userspace name +enp0s31f6: Device has addr_assign_type=0 +enp0s31f6: MAC on the device already matches policy *persistent* +ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link +… +</programlisting> + + <para>In this case, the interface was already renamed, so the <option>keep</option> policy specified as + the first option in <filename index="false">99-default.link</filename> means that the existing name is + preserved. If <option>keep</option> was removed, or if were in boot before the renaming has happened, + we might get the following instead:</para> + + <programlisting>enp0s31f6: Policy *path* yields "enp0s31f6". +enp0s31f6: Device has addr_assign_type=0 +enp0s31f6: MAC on the device already matches policy *persistent* +ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link +ID_NET_NAME=enp0s31f6 +… +</programlisting> + + <para>Please note that the details of output are subject to change.</para> + </example> + + <example> + <title>/etc/systemd/network/10-internet.link</title> + + <para>This example assigns the fixed name + <literal>internet0</literal> to the interface with the device + path <literal>pci-0000:00:1a.0-*</literal>:</para> + + <programlisting>[Match] +Path=pci-0000:00:1a.0-* + +[Link] +Name=internet0</programlisting> + </example> + + <example> + <title>/etc/systemd/network/25-wireless.link</title> + + <para>Here's an overly complex example that shows the use of a large number of [Match] and [Link] settings.</para> + + <programlisting>[Match] +MACAddress=12:34:56:78:9a:bc +Driver=brcmsmac +Path=pci-0000:02:00.0-* +Type=wlan +Virtualization=no +Host=my-laptop +Architecture=x86-64 + +[Link] +Name=wireless0 +MTUBytes=1450 +BitsPerSecond=10M +WakeOnLan=magic +MACAddress=cb:a9:87:65:43:21</programlisting> + </example> + </refsect1> + + <refsect1> + <title>See Also</title> + <para> + <citerefentry> + <refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> + </para> + </refsect1> + +</refentry> |