Ifcfg files details

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search

/usr/share/doc/initscripts-8.11.1/sysconfig.txt

/etc/sysconfig/network-scripts/ifcfg-<interface-name> and
/etc/sysconfig/network-scripts/ifcfg-<interface-name>:<alias-name>:

  The first defines an interface, and the second contains
  only the parts of the definition that are different in a
  "alias" (or alternative) interface.  For example, the
  network numbers might be different, but everything else
  might be the same, so only the network numbers would be
  in the alias file, but all the device information would
  be in the base ifcfg file.

  The items that can be defined in an ifcfg file depend on the
  interface type.  The really obvious ones I'm not going to
  bother to define; you can figure out what "IPADDR" is, I
  think...  :-)

  Base items:
    NAME=<friendly name for users to see>
      Most important for PPP.  Only used in front ends.
    DEVICE=<name of physical device (except dynamically-allocated PPP
      devices where it is the "logical name")>
    IPADDR=
    NETMASK=
    GATEWAY=
    ONBOOT=yes|no
    ONHOTPLUG=yes|no
    USERCTL=yes|no
    BOOTPROTO=none|bootp|dhcp
    MTU=
      Default MTU for this device
    WINDOW=
      Default window for routes from this device
    PEERDNS=yes|no
      modify /etc/resolv.conf if peer uses msdns extension (PPP only) or
      DNS{1,2} are set, or if using dhclient. default to "yes".
    DNS{1,2}=<ipaddress>
      provide DNS addresses that are dropped into the resolv.conf
      file if PEERDNS is not set to "no".
    SRCADDR=
      use the specified source address for outgoing packets
    HWADDR=
      ethernet hardware address for this device
    MACADDR=
      Set the hardware address for this device to this.
      Use of this in conjunction with HWADDR= may cause
      unintended behavior.
    NOZZEROCONF=
      Set this to not set a route for dyamic link-local addreses
      over this device.
    PERSISTENT_DHCLIENT=yes|no|1|0
      Without this option, or if it is 'no'/'0', and BOOTPROTO=dhcp,
      dhclient is run for the interface in "one-shot" mode; if the
      dhcp server does not respond for a configurable timeout, then
      dhclient exits and the interface is not brought up -
      the '-1' option is given to dhclient.
      If PERSISTENT_DHCLIENT=yes, then dhclient will keep on trying
      to contact the dhcp server when it does not respond - no '-1'
      option is given to dhclient.
    DHCPRELEASE=yes|no|1|0
      With this option set to 'yes' (1), when a dhcp configured
      interface is brought down with 'ifdown', the lease will be
      released. Otherwise, leases are not released.
    DHCLIENT_IGNORE_GATEWAY=yes|no|1|0
      If set to 'yes', it will cause dhclient-script to ignore any $GATEWAY
      setting that may be in the ifcfg file for this interface.
      Otherwise, the dhclient session which obtains an ip-address
      on the same subnet as $GATEWAY will set the default route
      to be via $GATEWAY, and no other dhclient session will set
      the default route.

  If BOOTPROTO is not "none", then the only other item that
  must be set is the DEVICE item; all the rest will be determined
  by the boot protocol.  No "dummy" entries need to be created.

  Base items being deprecated:
    NETWORK=<will be calculated automatically with ifcalc>
    BROADCAST=<will be calculated automatically with ifcalc>

  Alias specific items:
    ONPARENT=yes|no
      Whether to bring up the device when the parent device is brought
      up.
      Default: yes

  IPv6-only items for real interfaces:
    IPV6INIT=yes|no
      Enable or disable IPv6 configuration for this interface
      Default: no
    IPV6FORWARDING=yes|no
      Enable or disable global forwarding of incoming IPv6 packets
      Note: Obsolete in interface specification!
      Default: no
    IPV6ADDR=<IPv6 address>[/<prefix length>]
      Specify a primary static IPv6 address here
      Optional, if normal host and a router advertisement daemon is on local link
      Required, if node is a router and interface should route packets
      Note: if prefix length is omitted, 64 is assumed
      Example:
        IPV6ADDR="3ffe:ffff:0:5::1"
        IPV6ADDR="3ffe:ffff:0:1::1/128"
    IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
      A list of secondary IPv6 addresses (e.g. useful for virtual hosting)
      Example:
        IPV6ADDR_SECONDARIES="3ffe:ffff:0:1::10 3ffe:ffff:0:2::11/128"
    IPV6_MTU=<MTU of link> (optional)
      Optional, dedicated MTU of this link
      Note: Must be greater or equal to 1280.
      Example:
        IPV6_MTU="1280"

  Special configuration options for multi-homed hosts etc.
        IPV6_ROUTER=yes|no: Controls IPv6 autoconfiguration
        IPV6_AUTOCONF=yes|no: Controls IPv6 autoconfiguration
         Defaults:
          Global IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes
          Global IPV6FORWARDING=no: IPV6_AUTOCONF=yes

  Optional settings for a 6to4 tunnel
    IPV6TO4INIT=yes|no
      Enable or disable 6to4 tunneling setup
      Default: no
    IPV6TO4_RELAY=<IPv4 address> (optional)
      IPv4 address of the remote 6to4 relay
      Note: if this is omitted, ::192.88.99.1 (the anycast relay address) is chosen
    IPV6TO4_IPV4ADDR=<IPv6 address>[/<prefix length>] (optional)
      Overwrite local IPv4 address which is accessable from the Internet
       (optional, in case of static IPv4-NAT behind a router or other special scenarios)
    IPV6TO4_MTU=<MTU for IPv6> (optional)
      Controls IPv6 MTU for the 6to4 tunnel
      Note: Must be greater or equal to 1280
      Example:
        IPV6TO4_MTU="1280"
      Default: MTU of master device - 20
    IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ..." (optional)
      A list of routing tokens to setup proper IPv6 routes on the LAN
      Example:
         IPV6TO4_ROUTING="eth0-:0004::0/64 eth1-:0005::0/64"
         Will create one route per eth0 and eth1, taking given SLA

  Optional settings for a 6to4 tunnel or a ppp link
    IPV6_CONTROL_RADVD=yes|no (optional)
      Enable signalling radvd that the 6to4 prefix has been changed or a
       preconfigured dynamic device is up or down
      Default: no

  IPv6-only items for static tunnel interface:
    Interface name: sitX (X => 1)
    IPV6INIT=yes|no
      Enable or disable IPv6 configuration for this interface
      Default: no
    IPV6TUNNELIPV4=<IPv4 address>
      Specify IPv4 address of a foreign IPv6-in-IPv4 tunnel endpoint
      Example:
        IPV6TUNNELIPV4="1.2.3.4"
    IPV6TUNNELIPV4LOCAL=<IPv4 address>
      Specify local IPv4 address of tunnel, useful on interfaces with multiple IPv4 addresses
    IPV6ADDR=<IPv6 address>[/<prefix length>] (optional)
     local IPv6 address of a numbered tunnel
    IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
      A list of secondary IPv6 addresses (example see above)
    IPV6_MTU=<MTU of tunnel> (optional)
      Optional, dedicated MTU of this tunnel
      Note: Must be greater or equal to 1280
      Example:
        IPV6_MTU="1280"

   IPv6-only option to enable DHCPv6 client:
      DHCPV6C=yes|no
      This will enable the DHCPv6 client, dhcp6c, to be run for the interface.
      See man dhcp6c(8) and dhcp6c.conf(5).

  Ethernet-only items:
    {IPXNETNUM,IPXPRIMARY,IPXACTIVE}_{802_2,802_3,ETHERII,SNAP}
    configuration matrix for IPX.  Only used if IPX is active.
    Managed from /etc/sysconfig/network-scripts/ifup-ipx
    ARP=yes|no (adds 'arp' flag to ifconfig, for use with the
      ethertap device)
    ETHTOOL_OPTS=...
      Any device-specific options supported by ethtool. For example,
      if you wanted to force 100Mb full duplex:
        ETHTOOL_OPTS="speed 100 duplex full autoneg off"
      Note that changing speed or duplex settings almost always
      requires disabling autonegotiation with 'autoneg off'.

    No longer supported:
     PROMISC=yes|no (enable or disable promiscuous mode)
     ALLMULTI=yes|no (enable or disable all-multicast mode)

     To properly set these, use the packet socket interface.

  Ethernet 802.1q VLAN items:
     DEVICE=eth0.42
       Initscripts use DEV_PLUS_VID_NO_PAD naming mode for VLAN
       devices.
               Example: eth0.42 for vlan 42 on device eth0.
       Valid VLAN ID range is 0-4095. Most ethernet switches reserve
       VLAN ID 1 to be used as management VLAN; starting from VLAN
       ID 2 is recommended.
     REORDER_HDR=yes|no
       When enabled the VLAN device will move the ethernet header
       around to make it look exactly like a real ethernet device.
       This may help programs such as ISC dhcpd which read the raw
       ethernet packet and make assumptions about the location of
       bytes. If you don't need it turn it off because there
       is a small performance penalty. Default is on.

  PPP/SLIP items:
    PERSIST=yes|no
    MODEMPORT=<device, say /dev/modem>
    LINESPEED=<speed, say 115200>
    DEFABORT=yes|no (tells netcfg whether or not to put default
      abort strings in when creating/editing the chat script and/or
      dip script for this interface)
      (meaningless with WVDIALSECT)

  PPP-specific items
    WVDIALSECT=<list of sections from wvdial.conf to use>
      If this variable is set, then the chat script (if it
      exists) is ignored, and wvdial is used to open the
      PPP connection.
    DEFROUTE=yes|no (set this interface as default route? yes is default)
    DEBUG=yes|no (defaults to yes)
      turns on/off pppd and chat (if used) debugging.
    ESCAPECHARS=yes|no (simplified interface here doesn't let people
      specify which characters to escape; almost everyone can use
      asyncmap 00000000 anyway, and they can set PPPOPTIONS to
      asyncmap foobar if they want to set options perfectly)
    HARDFLOWCTL=yes|no (yes imples "modem crtscts" options)
    PPPOPTIONS=<arbitrary option string; is placed last on the
      command line, so it can override other options like asyncmap
      that were specified differently>
    PAPNAME=<"name $PAPNAME" on pppd command line> (note that
      the "remotename" option is always specified as the logical
      ppp device name, like "ppp0" (which might perhaps be the
      physical device ppp1 if some other ppp device was brought
      up earlier...), which makes it easy to manage pap/chap
      files -- name/password pairs are associated with the
      logical ppp device name so that they can be managed
      together.
    REMIP=<remote ip address, normally unspecified>
    MTU=
    MRU=
    DISCONNECTTIMEOUT=<number of seconds, default currently 5>
      (time to wait before re-establishing the connection after
      a successfully-connected session terminates before attempting
      to establish a new connection.)
    RETRYTIMEOUT=<number of seconds, default currently 60>
      (time to wait before re-attempting to establish a connection
      after a previous attempt fails.)
    RETRYCONNECT=yes|no (defaults to yes)
      If this is yes, then we will re-run pppd if it exits with a
      "connect script failed" status.  Otherwise, only one attempt
      is made to bring up the connection.  Note that some connect
      scripts (for example, wvdial) might do their own retries (such
      as BUSY or NO DIALTONE conditions).
    MAXFAIL=<number>
      If this is set, this will cause ppp-watch to exit after
      the specified number of attempts.
    DEMAND=yes|no
      Switches on demand-dialing mode using pppd's "demand" option.
    IDLETIMEOUT=600
      The amount of time the link needs to be inactive before pppd will
      bring it down automatically.
    BOOTTIMEOUT=30
      The amount of time to wait at boot before giving up on the
      connection.

  IPPP-specific items (ISDN)
    PROVIDER=<ProviderName>
         USER=<Login>
    PASSWORD=<Password>
         ENCAP=[syncppp|]
    DIALMODE=[manual|auto]
    SECURE=off|on
         MSN=<>
         PHONE_IN=<Callback.Number>
                 AREACODE=<>
         REGIONCODE=<>
         PHONE_OUT=<PhoneNumber>
    BUNDLING=off|on
    HUPTIMEOUT=<number>
    DNS1=<PrimaryDNS>
    DNS2=<SecondaryDNS>
    DOMAIN=""
    LAYER=[HDLC|]
    CALLBACK=off|on
    CHARGEHUP=<number>
    CHARGEINT=<number>
    CBHUP=<number>
    CBDELAY=<number>
    DIALMAX=<number>
    AUTH=[+pap] [-chap]
    IHUP=<>
    DELDEFAULTROUTE=[enabled|disabled]
    CBCP=off|on
    VJ=off|on
    VJCCOMP=off|on
    AC=off|on
    PC=off|on
    BSDCOMP=off|on
    CCP=off|on
    SLAVE_DEVICE=ippp[0-9]

  ippp0 items being deprecated:
    BOOT=[on|off] will be converted to ONBOOT=[yes|no] by netconf
    LOCAL_IP=     will be converted to IPADDR by netconf
    REMOTE_IP=    will be converted to GATEWAY by netconf

  IPSEC specific items
     SRC=source address. Not required.
     DST=destination address
     TYPE=IPSEC
     SRCNET=source net (for tunneling)
     DSTNET=destination network (for tunneling)

   Manual keying:

     AH_PROTO{_IN,_OUT}=protocol to use for AH (defaults to HMAC-SHA1)
     ESP_PROTO{_IN,_OUT}=protocol to use for ESP (defaults to 3DES)
     KEY_AH{_IN,_OUT}=AH key
     KEY_ESP{_IN,_OUT}=ESP key
     SPI_{ESP,AH_{IN,OUT}}=SPIs to use

   _IN and _OUT specifiers are for using different keys or protocols for inccoming
   and outgoing packets. If neither _IN or _OUT variants are set for protocols or
   keys, the same will be used for both.

   Automatic keying:

     IKE_METHOD=PSK|X509|GSSAPI
         PSK=preshared keys (shared secret)
         X509=X.509 certificates
         GSSAPI=GSSAPI authentication
     IKE_PSK=preshared key for this connection
     IKE_CERTFILE=our certificate file name for X509 IKE
       IKE_PEER_CERTFILE=peer public cert filename for X509 IKE
       IKE_DNSSEC=retrieve peer public certs from DNS
     (otherwise uses certificate information sent over IKE)
  Bonding-specific items

    SLAVE=yes
      Specifies device as a slave
    MASTER=bondXX
      Specifies master device to bind to