summaryrefslogtreecommitdiff
path: root/man/systemd.netdev.xml
Commit message (Collapse)AuthorAgeFilesLines
* network: add MACsecTransmitAssociation.UseForEncoding= settingYu Watanabe2019-04-121-0/+8
|
* network: add MACsec*Association.Activate= settingYu Watanabe2019-04-121-0/+13
|
* network: add MACsec*Association.KeyFile= settingYu Watanabe2019-04-121-0/+16
|
* network: Introduce MACsecSusant Sahani2019-04-121-0/+121
| | | | | | | | | | | | Media Access Control Security (MACsec) is an 802.1AE IEEE industry-standard security technology that provides secure communication for all traffic on Ethernet links. MACsec provides point-to-point security on Ethernet links between directly connected nodes and is capable of identifying and preventing most security threats, including denial of service, intrusion, man-in-the-middle, masquerading, passive wiretapping, and playback attacks. Closes #5754
* network: add WireGuardPeer.PresharedKeyFile= settingYu Watanabe2019-04-091-1/+11
|
* network: make reading PrivateKeyFile= failure always fatalYu Watanabe2019-04-091-3/+1
| | | | This also refactor wireguard_read_key_file().
* man: update FooOverUDP=Yu Watanabe2019-04-021-11/+15
|
* man: update Tunnel.Key= and friendsYu Watanabe2019-03-301-6/+8
|
* Merge pull request #12066 from yuwata/fix-network-tunnel-12041Yu Watanabe2019-03-221-6/+5
|\ | | | | network: fix netdev_tunnel_verify()
| * man: mention that Tunnel.Local= and Tunnel.Remote= can take 'any'Yu Watanabe2019-03-221-3/+4
| |
| * man: do not wrap line in the tableYu Watanabe2019-03-221-3/+1
| |
* | man: mention that conditions in [Match] section support negationYu Watanabe2019-03-211-18/+20
|/
* man: use same header for all filesZbigniew Jędrzejewski-Szmek2019-03-141-1/+1
| | | | | | | The "include" files had type "book" for some raeason. I don't think this is meaningful. Let's just use the same everywhere. $ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n "http^gms' man/*.xml
* man: standarize on one-line license headerZbigniew Jędrzejewski-Szmek2019-03-141-4/+1
| | | | | | No need to waste space, and uniformity is good. $ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml
* network: automatically pick an address on link when L2TP.Local= is not specifiedYu Watanabe2019-03-141-1/+6
| | | | | | This makes L2TP.Local= support an empty string, 'auto', 'static', and 'dynamic'. When one of the values are specified, a local address is automatically picked from the local interface of the tunnel.
* networkd: Introduce l2tp tunnelSusant Sahani2019-03-141-0/+110
| | | | | This works allows networkd to configure l2tp tunnel. See http://man7.org/linux/man-pages/man8/ip-l2tp.8.html
* wireguard: add PrivateKeyFile= optionYu Watanabe2019-03-131-1/+13
| | | | Closes #11878.
* Merge pull request #11636 from yuwata/network-in-addr-is-nullLennart Poettering2019-02-151-2/+3
|\ | | | | network, sd-netlink: unify several functions and fixes coding style
| * man: add missing netdev kind in Tunnel sectionYu Watanabe2019-02-111-2/+3
| |
* | man: fix markup and grammar for FOU{Source,Destination}Port=Zbigniew Jędrzejewski-Szmek2019-02-131-3/+3
|/
* man: mention vlan devices inherit the MAC address of the physical interfaceYu Watanabe2019-02-091-8/+8
| | | | | | | | Follow-up for bc48c51f72d86c6f690724f251892da5657116ac. Closes #4783. [zj: tweak grammar a bit.]
* netdev bond: add support to configure tlb_dynamic_lbSusant Sahani2018-12-151-0/+9
| | | | | | Closes https://github.com/systemd/systemd/issues/11135 Add test for bond : tlb_dynamic_lb
* networkd: Add support to configure ISATAP tunnelSusant Sahani2018-12-031-0/+7
| | | | | | | Let's just reuse the code of sit tunnel to create a ISATAP tunnel. Matter of turning a flag Please see https://elixir.bootlin.com/linux/v4.19.6/source/net/ipv6/sit.c#L208
* man: update explanation for boolean optionsYu Watanabe2018-11-271-37/+37
|
* man: improve the explanation of "Defaults to unset"Yu Watanabe2018-11-271-14/+14
|
* networkd: Add support for ERSPAN tunnelSusant Sahani2018-11-271-0/+21
| | | | | | | | | | | | | | | | | Please see: https://patchwork.ozlabs.org/patch/800327/ ``` [NetDev] Name=erspan-test Kind=erspan [Tunnel] Independent=true ERSPANIndex=123 Local = 172.16.1.200 Remote = 172.16.1.100 Key=101 SerializeTunneledPackets=true ```
* networkd: support 6rd tunnel netdev setup.David Anderson2018-11-091-0/+20
|
* networkd: cleanup for #10542Tobias Jungel2018-11-061-2/+2
| | | | fixes: 53b1f7d
* man: drop duplicated line in systemd.netdev(5)Yu Watanabe2018-11-041-1/+0
|
* networkd: add missing bonding options (#10542)Tobias Jungel2018-11-021-0/+21
| | | | | | | | | Add support for bonding options system prio, port key and actor system mac. These options exist in the linux kernel since 4.2 (torvalds/linux@171a42c38c6e1) Details: https://www.kernel.org/doc/Documentation/networking/bonding.txt
* man: also use "yes"/"no" rather than "true"/"false" in man pagesLennart Poettering2018-10-131-4/+4
| | | | | | | | | We usually use yes/no in all our unit files, do the same in the man pages. Triggered by: https://github.com/systemd/systemd/pull/9824#issuecomment-420729987
* networkd and sd-netlink: add support for Generic netlink And FooOverUDP to ↵Susant Sahani2018-08-231-0/+98
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IPIP tunnel This work add support to generic netlink to sd-netlink. See https://lwn.net/Articles/208755/ networkd: add support FooOverUDP support to IPIP tunnel netdev https://lwn.net/Articles/614348/ Example conf: /lib/systemd/network/1-fou-tunnel.netdev ``` [NetDev] Name=fou-tun Kind=fou [FooOverUDP] Port=5555 Protocol=4 ``` /lib/systemd/network/ipip-tunnel.netdev ``` [NetDev] Name=ipip-tun Kind=ipip [Tunnel] Independent=true Local=10.65.208.212 Remote=10.65.208.211 FooOverUDP=true FOUDestinationPort=5555 ``` $ ip -d link show ipip-tun ``` 5: ipip-tun@NONE: <POINTOPOINT,NOARP> mtu 1472 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ipip 10.65.208.212 peer 10.65.208.211 promiscuity 0 ipip remote 10.65.208.211 local 10.65.208.212 ttl inherit pmtudisc encap fou encap-sport auto encap-dport 5555 noencap-csum noencap-csum6 noencap-remcsum numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 ```
* man: fix group name for systemd-networkdYu Watanabe2018-07-171-1/+1
|
* man: add comments about MTUBytes= and MACAddress= for tuntap devicesYu Watanabe2018-06-251-10/+13
| | | | Closes #9407.
* tree-wide: drop copyright headers from frequent contributorsZbigniew Jędrzejewski-Szmek2018-06-201-2/+0
| | | | | | | | Fixes #9320. for p in Shapovalov Chevalier Rozhkov Sievers Mack Herrmann Schmidt Rudenberg Sahani Landden Andersen Watanabe; do git grep -e 'Copyright.*'$p -l|xargs perl -i -0pe 's|/([*][*])?[*]\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\s*[*]([*][*])?/\n*|\n|gms; s|\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\n*|\n|gms' done
* man: drop unused <authorgroup> tags from man sourcesZbigniew Jędrzejewski-Szmek2018-06-141-9/+0
| | | | | | | | | | | | Docbook styles required those to be present, even though the templates that we use did not show those names anywhere. But something changed semi-recently (I would suspect docbook templates, but there was only a minor version bump in recent years, and the changelog does not suggest anything related), and builds now work without those entries. Let's drop this dead weight. Tested with F26-F29, debian unstable. $ perl -i -0pe 's/\s*<authorgroup>.*<.authorgroup>//gms' man/*xml
* tree-wide: beautify remaining copyright statementsLennart Poettering2018-06-141-1/+1
| | | | | | Let's unify an beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* networkd: introduce netdev "Netdevsim" DriverSusant Sahani2018-06-031-0/+2
| | | | | | This "netdevsim" as implied by the name is a tool for network developers and is a simulator. This simulated networking device is used for testing various networking APIs and at this time is particularly focused on testing hardware offloading related interfaces.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* networkd: vxlan require Remote= to be a non multicast address (#8117)Susant Sahani2018-02-081-1/+1
| | | | | | | | Remote= must be a non multicast address. ip-link(8) says: > remote IPADDR - specifies the unicast destination IP address to > use in outgoing packets when the destination link layer address > is not known in the VXLAN device forwarding database. Closes #8088.
* man: note handling of secret information with permissionsJason A. Donenfeld2018-01-291-2/+8
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* man: WireGuard is a proper nounJason A. Donenfeld2018-01-291-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* networkd: add support for wireguard interface typeJörg Thalheim2018-01-091-0/+115
| | | | More information may be found at wireguard.com.
* networkd: Tunnel allows tunnel traffic on ip6tnl devices (#7756)Susant Sahani2017-12-291-0/+8
| | | where the remote endpoint is a local host address.
* core,udev,networkd: add ConditionKernelVersion=Lennart Poettering2017-12-261-0/+10
| | | | | | | | | | This adds a simple condition/assert/match to the service manager, to udev's .link handling and to networkd, for matching the kernel version string. In this version we only do fnmatch() based globbing, but we might want to extend that to version comparisons later on, if we like, by slightly extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
* networkd: Add support for ipvlan L3s and flags (#7726)Susant Sahani2017-12-231-1/+9
| | | | This works supports to configure L3S mode and flags such as bridge, private and vepa
* networkd: introduce vxcan netdev. (#7150)Susant Sahani2017-11-221-0/+20
| | | | | | | Similar to the virtual ethernet driver veth, vxcan implements a local CAN traffic tunnel between two virtual CAN network devices. When creating a vxcan, two vxcan devices are created as pair When one end receives the packet it appears on its pair and vice versa. The vxcan can be used for cross namespace communication.
* Add SPDX license identifiers to man pagesZbigniew Jędrzejewski-Szmek2017-11-191-0/+2
|
* Allow configuration of a bridge netdev's group_fwd_mask. (#6759)b1tninja2017-09-081-0/+10
|