systemd/man/systemd.link.xml
Lennart Poettering 18cad4ebda
Merge pull request #27846 from keszybz/link-mode-generation
Autogenerate list of link modes
2023-06-13 23:03:51 +02:00

1230 lines
58 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<refentry id="systemd.link"
xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>systemd.link</title>
<productname>systemd</productname>
</refentryinfo>
<refmeta>
<refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>systemd.link</refname>
<refpurpose>Network device configuration</refpurpose>
</refnamediv>
<refsynopsisdiv>
<para><filename><replaceable>link</replaceable>.link</filename></para>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>A plain ini-style text file that encodes configuration for matching network devices, used by
<citerefentry><refentrytitle>systemd-udevd</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in
particular its <command>net_setup_link</command> builtin. See
<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>7</manvolnum></citerefentry> for a
general description of the syntax.</para>
<para>The <filename>.link</filename> files are read from the files located in the system network
directory <filename>/usr/lib/systemd/network</filename> and
<filename>/usr/local/lib/systemd/network</filename>, the volatile runtime network directory
<filename>/run/systemd/network</filename>, and the local administration network directory
<filename>/etc/systemd/network</filename>. All configuration files are collectively sorted and
processed in alphanumeric order, regardless of the directories in which they live. However, files
with identical filenames replace each other. It is recommended that each filename is prefixed with
a number (e.g. <filename>10-eth0.link</filename>). Otherwise, the default
<filename>.link</filename> files or those generated by
<citerefentry><refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
may take precedence over user configured files. Files in <filename>/etc/</filename> have the
highest priority, files in <filename>/run/</filename> take precedence over files with the same name
in <filename>/usr/lib/</filename>. This can be used to override a system-supplied link file with a
local file if needed. As a special case, an empty file (file size 0) or symlink with the same name
pointing to <filename>/dev/null</filename> disables the configuration file entirely (it is
"masked").</para>
<para>Along with the link file <filename>foo.link</filename>, a "drop-in" directory
<filename>foo.link.d/</filename> may exist. All files with the suffix <literal>.conf</literal>
from this directory will be merged in the alphanumeric order and parsed after the main file itself
has been parsed. This is useful to alter or add configuration settings, without having to modify
the main configuration file. Each drop-in file must have appropriate section headers.</para>
<para>In addition to <filename>/etc/systemd/network</filename>, drop-in <literal>.d</literal>
directories can be placed in <filename>/usr/lib/systemd/network</filename> or
<filename>/run/systemd/network</filename> directories. Drop-in files in <filename>/etc/</filename>
take precedence over those in <filename>/run/</filename> which in turn take precedence over those
in <filename>/usr/lib/</filename>. Drop-in files under any of these directories take precedence
over the main link file wherever located.</para>
<para>The link file contains a [Match] section, which determines if a given link file may be applied to a
given device, as well as a [Link] section specifying how the device should be configured. The first (in
lexical order) of the link files that matches a given device is applied. Note that a default file
<filename>99-default.link</filename> is shipped by the system. Any user-supplied
<filename>.link</filename> should hence have a lexically earlier name to be considered at all.</para>
<para>See <citerefentry><refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
diagnosing problems with <filename>.link</filename> files.</para>
</refsect1>
<refsect1>
<title>[Match] Section Options</title>
<para>A link file is said to match an interface if all matches specified by the [Match] section are
satisfied. When a link file does not contain valid settings in [Match] section, then the file will
match all interfaces and <command>systemd-udevd</command> warns about that. Hint: to avoid the
warning and to make it clear that all interfaces shall be matched, add the following:
<programlisting>OriginalName=*</programlisting>
The first (in alphanumeric order) of the link files that matches a given interface is applied, all
later files are ignored, even if they match as well. The following keys are accepted:</para>
<variablelist class='network-directives'>
<!-- This list is reused in systemd.network(3), hence maintain a specific order:
1. device matches shared between the two lists
2. non-shared settings
3. host matches shared between the two lists
-->
<varlistentry id='mac-address'>
<term><varname>MACAddress=</varname></term>
<listitem>
<para>A whitespace-separated list of hardware addresses. The acceptable formats are:</para>
<variablelist>
<varlistentry>
<term><option>colon-delimited hexadecimal</option></term>
<listitem><para>
Each field must be one byte.
E.g. <literal>12:34:56:78:90:ab</literal> or <literal>AA:BB:CC:DD:EE:FF</literal>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>hyphen-delimited hexadecimal</option></term>
<listitem><para>
Each field must be one byte.
E.g. <literal>12-34-56-78-90-ab</literal> or <literal>AA-BB-CC-DD-EE-FF</literal>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>dot-delimited hexadecimal</option></term>
<listitem><para>
Each field must be two bytes.
E.g. <literal>1234.5678.90ab</literal> or <literal>AABB.CCDD.EEFF</literal>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>IPv4 address format</option></term>
<listitem><para>
E.g. <literal>127.0.0.1</literal> or <literal>192.168.0.1</literal>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>IPv6 address format</option></term>
<listitem><para>
E.g. <literal>2001:0db8:85a3::8a2e:0370:7334</literal> or <literal>::1</literal>.
</para></listitem>
</varlistentry>
</variablelist>
<para>The total length of each MAC address must be 4 (for IPv4 tunnel), 6 (for Ethernet), 16
(for IPv6 tunnel), or 20 (for InfiniBand). This option may appear more than once, in which
case the lists are merged. If the empty string is assigned to this option, the list of
hardware addresses defined prior to this is reset. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry id='permanent-mac-address'>
<term><varname>PermanentMACAddress=</varname></term>
<listitem>
<para>A whitespace-separated list of hardware's permanent addresses. While
<varname>MACAddress=</varname> matches the device's current MAC address, this matches the
device's permanent MAC address, which may be different from the current one. Use full
colon-, hyphen- or dot-delimited hexadecimal, or IPv4 or IPv6 address format. This option may
appear more than once, in which case the lists are merged. If the empty string is assigned to
this option, the list of hardware addresses defined prior to this is reset. Defaults to
unset.</para>
</listitem>
</varlistentry>
<varlistentry id='path'>
<term><varname>Path=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching
the persistent path, as exposed by the udev property
<varname>ID_PATH</varname>.</para>
</listitem>
</varlistentry>
<varlistentry id='driver'>
<term><varname>Driver=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching the driver currently bound to the
device, as exposed by the udev property <varname>ID_NET_DRIVER</varname> of its parent device, or
if that is not set, the driver as exposed by <command>ethtool -i</command> of the device itself.
If the list is prefixed with a "!", the test is inverted.</para>
</listitem>
</varlistentry>
<varlistentry id='type'>
<term><varname>Type=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching the device type, as exposed by
<command>networkctl list</command>. If the list is prefixed with a "!", the test is inverted.
Some valid values are <literal>ether</literal>, <literal>loopback</literal>, <literal>wlan</literal>, <literal>wwan</literal>.
Valid types are named either from the udev <literal>DEVTYPE</literal> attribute, or
<literal>ARPHRD_</literal> macros in <filename>linux/if_arp.h</filename>, so this is not comprehensive.
</para>
</listitem>
</varlistentry>
<varlistentry id='kind'>
<term><varname>Kind=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching the device kind, as exposed by
<command>networkctl status <replaceable>INTERFACE</replaceable></command> or
<command>ip -d link show <replaceable>INTERFACE</replaceable></command>. If the list is
prefixed with a "!", the test is inverted. Some valid values are <literal>bond</literal>,
<literal>bridge</literal>, <literal>gre</literal>, <literal>tun</literal>,
<literal>veth</literal>. Valid kinds are given by netlink's <literal>IFLA_INFO_KIND</literal>
attribute, so this is not comprehensive.
</para>
</listitem>
</varlistentry>
<varlistentry id='property'>
<term><varname>Property=</varname></term>
<listitem>
<para>A whitespace-separated list of udev property names with their values after equals sign
(<literal>=</literal>). If multiple properties are specified, the test results are ANDed.
If the list is prefixed with a "!", the test is inverted. If a value contains white
spaces, then please quote whole key and value pair. If a value contains quotation, then
please escape the quotation with <literal>\</literal>.</para>
<para>Example: if a .link file has the following:
<programlisting>Property=ID_MODEL_ID=9999 "ID_VENDOR_FROM_DATABASE=vendor name" "KEY=with \"quotation\""</programlisting>
then, the .link file matches only when an interface has all the above three properties.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>OriginalName=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching the device name, as exposed by the
udev property "INTERFACE". This cannot be used to match on names that have already been changed
from userspace. Caution is advised when matching on kernel-assigned names, as they are known to be
unstable between reboots.</para>
</listitem>
</varlistentry>
<varlistentry id='host'>
<term><varname>Host=</varname></term>
<listitem>
<para>Matches against the hostname or machine ID of the host. See <varname>ConditionHost=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='virtualization'>
<term><varname>Virtualization=</varname></term>
<listitem>
<para>Checks whether the system is executed in a virtualized environment and optionally test
whether it is a specific implementation. See <varname>ConditionVirtualization=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='kernel-command-line'>
<term><varname>KernelCommandLine=</varname></term>
<listitem>
<para>Checks whether a specific kernel command line option is set. See
<varname>ConditionKernelCommandLine=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='kernel-version'>
<term><varname>KernelVersion=</varname></term>
<listitem>
<para>Checks whether the kernel version (as reported by <command>uname -r</command>) matches a certain
expression. See <varname>ConditionKernelVersion=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='credential'>
<term><varname>Credential=</varname></term>
<listitem>
<para>Checks whether the specified credential was passed to the
<filename>systemd-udevd.service</filename> service. See <ulink
url="https://systemd.io/CREDENTIALS">System and Service Credentials</ulink> for details. When
prefixed with an exclamation mark (<literal>!</literal>), the result is negated. If an empty
string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='architecture'>
<term><varname>Architecture=</varname></term>
<listitem>
<para>Checks whether the system is running on a specific architecture. See
<varname>ConditionArchitecture=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
<varlistentry id='firmware'>
<term><varname>Firmware=</varname></term>
<listitem>
<para>Checks whether the system is running on a machine with the specified firmware. See
<varname>ConditionFirmware=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. When prefixed with an exclamation mark (<literal>!</literal>), the result is negated.
If an empty string is assigned, the previously assigned value is cleared.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>[Link] Section Options</title>
<para>The [Link] section accepts the following
keys:</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>Description=</varname></term>
<listitem>
<para>A description of the device.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Alias=</varname></term>
<listitem>
<para>The <varname>ifalias</varname> interface property is set to this value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACAddressPolicy=</varname></term>
<listitem>
<para>The policy by which the MAC address should be set. The
available policies are:
</para>
<variablelist>
<varlistentry>
<term><option>persistent</option></term>
<listitem>
<para>If the hardware has a persistent MAC address, as
most hardware should, and if it is used by the kernel,
nothing is done. Otherwise, a new MAC address is
generated which is guaranteed to be the same on every
boot for the given machine and the given device, but
which is otherwise random. This feature depends on ID_NET_NAME_*
properties to exist for the link. On hardware where these
properties are not set, the generation of a persistent MAC address
will fail.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>random</option></term>
<listitem>
<para>If the kernel is using a random MAC address,
nothing is done. Otherwise, a new address is randomly
generated each time the device appears, typically at
boot. Either way, the random address will have the
<literal>unicast</literal> and
<literal>locally administered</literal> bits set.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>none</option></term>
<listitem>
<para>Keeps the MAC address assigned by the kernel. Or use the MAC address specified in
<varname>MACAddress=</varname>.</para>
</listitem>
</varlistentry>
</variablelist>
<para>An empty string assignment is equivalent to setting <literal>none</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACAddress=</varname></term>
<listitem>
<para>The interface MAC address to use. For this setting to take effect,
<varname>MACAddressPolicy=</varname> must either be unset, empty, or <literal>none</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>NamePolicy=</varname></term>
<listitem>
<para>An ordered, space-separated list of policies by which the interface name should be set.
<varname>NamePolicy=</varname> may be disabled by specifying <option>net.ifnames=0</option> on the
kernel command line. Each of the policies may fail, and the first successful one is used. The name
is not set directly, but is exported to udev as the property <option>ID_NET_NAME</option>, which
is, by default, used by a
<citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
rule to set <varname>NAME</varname>. The available policies are:
</para>
<variablelist>
<varlistentry>
<term><option>kernel</option></term>
<listitem>
<para>If the kernel claims that the name it has set
for a device is predictable, then no renaming is
performed.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>database</option></term>
<listitem>
<para>The name is set based on entries in the udev's
Hardware Database with the key
<varname>ID_NET_NAME_FROM_DATABASE</varname>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>onboard</option></term>
<listitem>
<para>The name is set based on information given by
the firmware for on-board devices, as exported by the
udev property <varname>ID_NET_NAME_ONBOARD</varname>.
See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>slot</option></term>
<listitem>
<para>The name is set based on information given by
the firmware for hot-plug devices, as exported by the
udev property <varname>ID_NET_NAME_SLOT</varname>.
See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>path</option></term>
<listitem>
<para>The name is set based on the device's physical
location, as exported by the udev property
<varname>ID_NET_NAME_PATH</varname>.
See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>mac</option></term>
<listitem>
<para>The name is set based on the device's persistent
MAC address, as exported by the udev property
<varname>ID_NET_NAME_MAC</varname>.
See <citerefentry><refentrytitle>systemd.net-naming-scheme</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>keep</option></term>
<listitem>
<para>If the device already had a name given by userspace (as part of creation of the device
or a rename), keep it.</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Name=</varname></term>
<listitem>
<para>The interface name to use. This option has lower precedence than
<varname>NamePolicy=</varname>, so for this setting to take effect, <varname>NamePolicy=</varname>
must either be unset, empty, disabled, or all policies configured there must fail. Also see the
example below with <literal>Name=dmz0</literal>.</para>
<para>Note that specifying a name that the kernel might use for another interface (for example
<literal>eth0</literal>) is dangerous because the name assignment done by udev will race with the
assignment done by the kernel, and only one interface may use the name. Depending on the order of
operations, either udev or the kernel will win, making the naming unpredictable. It is best to use
some different prefix, for example <literal>internal0</literal>/<literal>external0</literal> or
<literal>lan0</literal>/<literal>lan1</literal>/<literal>lan3</literal>.</para>
<para>Interface names must have a minimum length of 1 character and a maximum length of 15
characters, and may contain any 7bit ASCII character, with the exception of control characters,
<literal>:</literal>, <literal>/</literal> and <literal>%</literal>. While <literal>.</literal> is
an allowed character, it's recommended to avoid it when naming interfaces as various tools (such as
<citerefentry><refentrytitle>resolvconf</refentrytitle><manvolnum>1</manvolnum></citerefentry>) use
it as separator character. Also, fully numeric interface names are not allowed (in order to avoid
ambiguity with interface specification by numeric indexes), as are the special strings
<literal>.</literal>, <literal>..</literal>, <literal>all</literal> and
<literal>default</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AlternativeNamesPolicy=</varname></term>
<listitem>
<para>A space-separated list of policies by which the interface's alternative names
should be set. Each of the policies may fail, and all successful policies are used. The
available policies are <literal>database</literal>, <literal>onboard</literal>,
<literal>slot</literal>, <literal>path</literal>, and <literal>mac</literal>. If the
kernel does not support the alternative names, then this setting will be ignored.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AlternativeName=</varname></term>
<listitem>
<para>The alternative interface name to use. This option can be specified multiple times.
If the empty string is assigned to this option, the list is reset, and all prior assignments
have no effect. If the kernel does not support the alternative names, then this setting will
be ignored.</para>
<para>Alternative interface names may be used to identify interfaces in various tools. In contrast
to the primary name (as configured with <varname>Name=</varname> above) there may be multiple
alternative names referring to the same interface. Alternative names may have a maximum length of
127 characters, in contrast to the 15 allowed for the primary interface name, but otherwise are
subject to the same naming constraints.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TransmitQueues=</varname></term>
<listitem>
<para>Specifies the device's number of transmit queues. An integer in the range 1…4096.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>ReceiveQueues=</varname></term>
<listitem>
<para>Specifies the device's number of receive queues. An integer in the range 1…4096.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TransmitQueueLength=</varname></term>
<listitem>
<para>Specifies the transmit queue length of the device in number of packets. An unsigned integer
in the range 0…4294967294. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MTUBytes=</varname></term>
<listitem>
<para>The maximum transmission unit in bytes to set for the
device. The usual suffixes K, M, G are supported and are
understood to the base of 1024.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>BitsPerSecond=</varname></term>
<listitem>
<para>The speed to set for the device, the value is rounded
down to the nearest Mbps. The usual suffixes K, M, G are
supported and are understood to the base of 1000.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Duplex=</varname></term>
<listitem>
<para>The duplex mode to set for the device. The accepted values are <option>half</option> and
<option>full</option>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AutoNegotiation=</varname></term>
<listitem>
<para>Takes a boolean. If set to yes, automatic negotiation of transmission parameters is enabled.
Autonegotiation is a procedure by which two connected ethernet devices choose
common transmission parameters, such as speed, duplex mode, and flow control.
When unset, the kernel's default will be used.</para>
<para>Note that if autonegotiation is enabled, speed and duplex settings are
read-only. If autonegotiation is disabled, speed and duplex settings are writable
if the driver supports multiple link modes.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>WakeOnLan=</varname></term>
<listitem>
<para>The Wake-on-LAN policy to set for the device. Takes the special value
<literal>off</literal> which disables Wake-on-LAN, or space separated list of the following
words:</para>
<variablelist>
<varlistentry>
<term><option>phy</option></term>
<listitem>
<para>Wake on PHY activity.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>unicast</option></term>
<listitem>
<para>Wake on unicast messages.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>multicast</option></term>
<listitem>
<para>Wake on multicast messages.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>broadcast</option></term>
<listitem>
<para>Wake on broadcast messages.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>arp</option></term>
<listitem>
<para>Wake on ARP.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>magic</option></term>
<listitem>
<para>Wake on receipt of a magic packet.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>secureon</option></term>
<listitem>
<para>Enable SecureOn password for MagicPacket. Implied when
<varname>WakeOnLanPassword=</varname> is specified. If specified without
<varname>WakeOnLanPassword=</varname> option, then the password is read from the
credential <literal><replaceable>LINK</replaceable>.link.wol.password</literal> (e.g.,
<literal>60-foo.link.wol.password</literal>), and if the credential not found, then
read from <literal>wol.password</literal>. See
<varname>ImportCredential=</varname>/<varname>LoadCredential=</varname>/<varname>SetCredential=</varname> in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for details. The password in the credential, must be 6 bytes in hex format with each
byte separated by a colon (<literal>:</literal>) like an Ethernet MAC address, e.g.,
<literal>aa:bb:cc:dd:ee:ff</literal>.</para>
</listitem>
</varlistentry>
</variablelist>
<para>Defaults to unset, and the device's default will be used. This setting can be specified
multiple times. If an empty string is assigned, then the all previous assignments are
cleared.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>WakeOnLanPassword=</varname></term>
<listitem>
<para>Specifies the SecureOn password for MagicPacket. Takes an absolute path to a regular
file or an <constant>AF_UNIX</constant> stream socket, or the plain password. When a path to
a regular file is specified, the password is read from it. When an
<constant>AF_UNIX</constant> stream socket is specified, a connection is made to it and the
password is read from it. The password must be 6 bytes in hex format with each byte separated
by a colon (<literal>:</literal>) like an Ethernet MAC address, e.g.,
<literal>aa:bb:cc:dd:ee:ff</literal>. This implies <varname>WakeOnLan=secureon</varname>.
Defaults to unset, and the current value will not be changed.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Port=</varname></term>
<listitem>
<para>The port option is used to select the device port. The
supported values are:</para>
<variablelist>
<varlistentry>
<term><option>tp</option></term>
<listitem>
<para>An Ethernet interface using Twisted-Pair cable as the medium.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>aui</option></term>
<listitem>
<para>Attachment Unit Interface (AUI). Normally used with hubs.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>bnc</option></term>
<listitem>
<para>An Ethernet interface using BNC connectors and co-axial cable.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>mii</option></term>
<listitem>
<para>An Ethernet interface using a Media Independent Interface (MII).</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>fibre</option></term>
<listitem>
<para>An Ethernet interface using Optical Fibre as the medium.</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Advertise=</varname></term>
<listitem>
<para>This sets what speeds and duplex modes of operation are advertised for auto-negotiation.
This implies <literal>AutoNegotiation=yes</literal>. The supported values are:
<table>
<title>Supported advertise values</title>
<tgroup cols='3'>
<colspec colname='Advertise' />
<colspec colname='Speed' />
<colspec colname='Duplex Mode' />
<thead><row>
<entry>Advertise</entry>
<entry>Speed (Mbps)</entry>
<entry>Duplex Mode</entry>
</row></thead>
<xi:include href="ethtool-link-mode.xml" />
</tgroup>
</table>
By default this is unset, i.e. all possible modes will be advertised.
This option may be specified more than once, in which case all specified speeds and modes are advertised.
If the empty string is assigned to this option, the list is reset, and all prior assignments have no effect.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>ReceiveChecksumOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, hardware offload for checksumming of ingress
network packets is enabled. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TransmitChecksumOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, hardware offload for checksumming of egress
network packets is enabled. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TCPSegmentationOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, TCP Segmentation Offload (TSO) is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TCP6SegmentationOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, TCP6 Segmentation Offload (tx-tcp6-segmentation) is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GenericSegmentationOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, Generic Segmentation Offload (GSO) is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GenericReceiveOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, Generic Receive Offload (GRO) is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GenericReceiveOffloadHardware=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, hardware accelerated Generic Receive Offload (GRO) is
enabled. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>LargeReceiveOffload=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, Large Receive Offload (LRO) is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>ReceiveVLANCTAGHardwareAcceleration=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, receive VLAN CTAG hardware acceleration is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TransmitVLANCTAGHardwareAcceleration=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, transmit VLAN CTAG hardware acceleration is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>ReceiveVLANCTAGFilter=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, receive filtering on VLAN CTAGs is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TransmitVLANSTAGHardwareAcceleration=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, transmit VLAN STAG hardware acceleration is enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>NTupleFilter=</varname></term>
<listitem>
<para>Takes a boolean. If set to true, receive N-tuple filters and actions are enabled.
When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RxChannels=</varname></term>
<term><varname>TxChannels=</varname></term>
<term><varname>OtherChannels=</varname></term>
<term><varname>CombinedChannels=</varname></term>
<listitem>
<para>Specifies the number of receive, transmit, other, or combined channels, respectively.
Takes an unsigned integer in the range 1…4294967295 or <literal>max</literal>. If set to
<literal>max</literal>, the advertised maximum value of the hardware will be used. When
unset, the number will not be changed. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RxBufferSize=</varname></term>
<term><varname>RxMiniBufferSize=</varname></term>
<term><varname>RxJumboBufferSize=</varname></term>
<term><varname>TxBufferSize=</varname></term>
<listitem>
<para>Specifies the maximum number of pending packets in the NIC receive buffer, mini receive
buffer, jumbo receive buffer, or transmit buffer, respectively. Takes an unsigned integer in
the range 1…4294967295 or <literal>max</literal>. If set to <literal>max</literal>, the
advertised maximum value of the hardware will be used. When unset, the number will not be
changed. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RxFlowControl=</varname></term>
<listitem>
<para>Takes a boolean. When set, enables receive flow control, also known as the ethernet
receive PAUSE message (generate and send ethernet PAUSE frames). When unset, the kernel's
default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TxFlowControl=</varname></term>
<listitem>
<para>Takes a boolean. When set, enables transmit flow control, also known as the ethernet
transmit PAUSE message (respond to received ethernet PAUSE frames). When unset, the kernel's
default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AutoNegotiationFlowControl=</varname></term>
<listitem>
<para>Takes a boolean. When set, auto negotiation enables the interface to exchange state
advertisements with the connected peer so that the two devices can agree on the ethernet
PAUSE configuration. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GenericSegmentOffloadMaxBytes=</varname></term>
<listitem>
<para>Specifies the maximum size of a Generic Segment Offload (GSO) packet the
device should accept. The usual suffixes K, M, G are supported and are
understood to the base of 1024. An unsigned integer in the range 1…65536.
Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GenericSegmentOffloadMaxSegments=</varname></term>
<listitem>
<para>Specifies the maximum number of Generic Segment Offload (GSO) segments the device should
accept. An unsigned integer in the range 1…65535. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UseAdaptiveRxCoalesce=</varname></term>
<term><varname>UseAdaptiveTxCoalesce=</varname></term>
<listitem>
<para>Boolean properties that, when set, enable/disable adaptive Rx/Tx coalescing if the hardware
supports it. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RxCoalesceSec=</varname></term>
<term><varname>RxCoalesceIrqSec=</varname></term>
<term><varname>RxCoalesceLowSec=</varname></term>
<term><varname>RxCoalesceHighSec=</varname></term>
<term><varname>TxCoalesceSec=</varname></term>
<term><varname>TxCoalesceIrqSec=</varname></term>
<term><varname>TxCoalesceLowSec=</varname></term>
<term><varname>TxCoalesceHighSec=</varname></term>
<listitem>
<para>These properties configure the delay before Rx/Tx interrupts are generated after a packet is
sent/received. The <literal>Irq</literal> properties come into effect when the host is servicing an
IRQ. The <literal>Low</literal> and <literal>High</literal> properties come into effect when the
packet rate drops below the low packet rate threshold or exceeds the high packet rate threshold
respectively if adaptive Rx/Tx coalescing is enabled. When unset, the kernel's defaults will be
used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RxMaxCoalescedFrames=</varname></term>
<term><varname>RxMaxCoalescedIrqFrames=</varname></term>
<term><varname>RxMaxCoalescedLowFrames=</varname></term>
<term><varname>RxMaxCoalescedHighFrames=</varname></term>
<term><varname>TxMaxCoalescedFrames=</varname></term>
<term><varname>TxMaxCoalescedIrqFrames=</varname></term>
<term><varname>TxMaxCoalescedLowFrames=</varname></term>
<term><varname>TxMaxCoalescedHighFrames=</varname></term>
<listitem>
<para>These properties configure the maximum number of frames that are sent/received before a Rx/Tx
interrupt is generated. The <literal>Irq</literal> properties come into effect when the host is
servicing an IRQ. The <literal>Low</literal> and <literal>High</literal> properties come into
effect when the packet rate drops below the low packet rate threshold or exceeds the high packet
rate threshold respectively if adaptive Rx/Tx coalescing is enabled. When unset, the kernel's
defaults will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>CoalescePacketRateLow=</varname></term>
<term><varname>CoalescePacketRateHigh=</varname></term>
<listitem>
<para>These properties configure the low and high packet rate (expressed in packets per second)
threshold respectively and are used to determine when the corresponding coalescing settings for low
and high packet rates come into effect if adaptive Rx/Tx coalescing is enabled. If unset, the
kernel's defaults will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>CoalescePacketRateSampleIntervalSec=</varname></term>
<listitem>
<para>Configures how often to sample the packet rate used for adaptive Rx/Tx coalescing. This
property cannot be zero. This lowest time granularity supported by this property is seconds.
Partial seconds will be rounded up before being passed to the kernel. If unset, the kernel's
default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>StatisticsBlockCoalesceSec=</varname></term>
<listitem>
<para>How long to delay driver in-memory statistics block updates. If the driver does not have an
in-memory statistic block, this property is ignored. This property cannot be zero. If unset, the
kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MDI=</varname></term>
<listitem>
<para>Specifies the medium dependent interface (MDI) mode for the interface. A MDI describes
the interface from a physical layer implementation to the physical medium used to carry the
transmission. Takes one of the following words: <literal>straight</literal> (or equivalently:
<literal>mdi</literal>), <literal>crossover</literal> (or equivalently:
<literal>mdi-x</literal>, <literal>mdix</literal>), and <literal>auto</literal>. When
<literal>straight</literal>, the MDI straight through mode will be used. When
<literal>crossover</literal>, the MDI crossover (MDI-X) mode will be used. When
<literal>auto</literal>, the MDI status is automatically detected. Defaults to unset, and the
kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>SR-IOVVirtualFunctions=</varname></term>
<listitem>
<para>Specifies the number of SR-IOV virtual functions. Takes an integer in the range
0…2147483647. Defaults to unset, and automatically determined from the values specified in
the <varname>VirtualFunction=</varname> settings in the [SR-IOV] sections.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='sr-iov'>
<title>[SR-IOV] Section Options</title>
<para>The [SR-IOV] section accepts the following keys. Specify several [SR-IOV] sections to
configure several SR-IOVs. SR-IOV provides the ability to partition a single physical PCI resource
into virtual PCI functions which can then be injected into a VM. In the case of network VFs, SR-IOV
improves north-south network performance (that is, traffic with endpoints outside the host machine)
by allowing traffic to bypass the host machines network stack.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>VirtualFunction=</varname></term>
<listitem>
<para>Specifies a Virtual Function (VF), lightweight PCIe function designed solely to move
data in and out. Takes an integer in the range 0…2147483646. This option is compulsory.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VLANId=</varname></term>
<listitem>
<para>Specifies VLAN ID of the virtual function. Takes an integer in the range 1…4095.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>QualityOfService=</varname></term>
<listitem>
<para>Specifies quality of service of the virtual function. Takes an integer in the range
1…4294967294.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>VLANProtocol=</varname></term>
<listitem>
<para>Specifies VLAN protocol of the virtual function. Takes <literal>802.1Q</literal> or
<literal>802.1ad</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACSpoofCheck=</varname></term>
<listitem>
<para>Takes a boolean. Controls the MAC spoof checking. When unset, the kernel's default will
be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>QueryReceiveSideScaling=</varname></term>
<listitem>
<para>Takes a boolean. Toggle the ability of querying the receive side scaling (RSS)
configuration of the virtual function (VF). The VF RSS information like RSS hash key may be
considered sensitive on some devices where this information is shared between VF and the
physical function (PF). When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Trust=</varname></term>
<listitem>
<para>Takes a boolean. Allows one to set trust mode of the virtual function (VF). When set,
VF users can set a specific feature which may impact security and/or performance. When unset,
the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>LinkState=</varname></term>
<listitem>
<para>Allows one to set the link state of the virtual function (VF). Takes a boolean or a
special value <literal>auto</literal>. Setting to <literal>auto</literal> means a
reflection of the physical function (PF) link state, <literal>yes</literal> lets the VF to
communicate with other VFs on this host even if the PF link state is down,
<literal>no</literal> causes the hardware to drop any packets sent by the VF. When unset,
the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACAddress=</varname></term>
<listitem>
<para>Specifies the MAC address for the virtual function.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Examples</title>
<example>
<title>/usr/lib/systemd/network/99-default.link</title>
<para>The link file <filename>99-default.link</filename> that is shipped with systemd defines the
default policies for the interface name, alternative names, and MAC address of links.</para>
<programlisting>[Match]
OriginalName=*
[Link]
NamePolicy=keep kernel database onboard slot path
AlternativeNamesPolicy=database onboard slot path
MACAddressPolicy=persistent</programlisting>
</example>
<example>
<title>/etc/systemd/network/10-dmz.link</title>
<para>This example assigns the fixed name <literal>dmz0</literal> to the interface with the MAC address
00:a0:de:63:7a:e6:</para>
<programlisting>[Match]
MACAddress=00:a0:de:63:7a:e6
[Link]
Name=dmz0</programlisting>
<para><varname>NamePolicy=</varname> is not set, so <varname>Name=</varname> takes effect. We use the
<literal>10-</literal> prefix to order this file early in the list. Note that it needs to be before
<filename>99-default.link</filename>, i.e. it needs a numerical prefix, to have any effect at all.</para>
</example>
<example>
<title>(Re-)applying a .link file to an interface</title>
<para>After a new .link file has been created, or an existing .link file modified, the new settings
may be applied to the matching interface with the following commands:</para>
<programlisting>$ sudo udevadm control --reload
$ sudo ip link set eth0 down
$ sudo udevadm trigger --verbose --settle --action add /sys/class/net/eth0</programlisting>
<para>You may also need to stop the service that manages the network interface, e.g.
<filename>systemd-networkd.service</filename> or <filename>NetworkManager.service</filename> before
the above operation, and then restart the service after that. For more details about
<command>udevadm</command> command, see
<citerefentry><refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</example>
<example>
<title>Debugging <varname>NamePolicy=</varname> assignments</title>
<programlisting>$ sudo SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/hub0
Parsed configuration file /usr/lib/systemd/network/99-default.link
Parsed configuration file /etc/systemd/network/10-eth0.link
ID_NET_DRIVER=cdc_ether
Config file /etc/systemd/network/10-eth0.link applies to device hub0
link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
hub0: Device has name_assign_type=4
Using default interface naming scheme 'v240'.
hub0: Policies didn't yield a name, using specified Name=hub0.
ID_NET_LINK_FILE=/etc/systemd/network/10-eth0.link
ID_NET_NAME=hub0
</programlisting>
<para>Explicit <varname>Name=</varname> configuration wins in this case.</para>
<programlisting>sudo SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/enp0s31f6
Parsed configuration file /usr/lib/systemd/network/99-default.link
Parsed configuration file /etc/systemd/network/10-eth0.link
Created link configuration context.
ID_NET_DRIVER=e1000e
Config file /usr/lib/systemd/network/99-default.link applies to device enp0s31f6
link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
enp0s31f6: Device has name_assign_type=4
Using default interface naming scheme 'v240'.
enp0s31f6: Policy *keep*: keeping existing userspace name
enp0s31f6: Device has addr_assign_type=0
enp0s31f6: MAC on the device already matches policy *persistent*
ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link
</programlisting>
<para>In this case, the interface was already renamed, so the <option>keep</option> policy specified as
the first option in <filename index="false">99-default.link</filename> means that the existing name is
preserved. If <option>keep</option> was removed, or if were in boot before the renaming has happened,
we might get the following instead:</para>
<programlisting>enp0s31f6: Policy *path* yields "enp0s31f6".
enp0s31f6: Device has addr_assign_type=0
enp0s31f6: MAC on the device already matches policy *persistent*
ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link
ID_NET_NAME=enp0s31f6
</programlisting>
<para>Please note that the details of output are subject to change.</para>
</example>
<example>
<title>/etc/systemd/network/10-internet.link</title>
<para>This example assigns the fixed name
<literal>internet0</literal> to the interface with the device
path <literal>pci-0000:00:1a.0-*</literal>:</para>
<programlisting>[Match]
Path=pci-0000:00:1a.0-*
[Link]
Name=internet0</programlisting>
</example>
<example>
<title>/etc/systemd/network/25-wireless.link</title>
<para>Here's an overly complex example that shows the use of a large number of [Match] and [Link] settings.</para>
<programlisting>[Match]
MACAddress=12:34:56:78:9a:bc
Driver=brcmsmac
Path=pci-0000:02:00.0-*
Type=wlan
Virtualization=no
Host=my-laptop
Architecture=x86-64
[Link]
Name=wireless0
MTUBytes=1450
BitsPerSecond=10M
WakeOnLan=magic
MACAddress=cb:a9:87:65:43:21</programlisting>
</example>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry>
<refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
</refentry>