Путеводитель по Руководству Linux
  User  |  Syst  |  Libr  |  Device  |  Files  |  Other  |  Admin  |  Head  |


   systemd.netdev    ( 5 )

конфигурация виртуального сетевого устройства (Virtual Network Device configuration)
  Name  |  Synopsis  |  Description  |  Supported netdev kinds  |  Match section options  |  [netdev] section options  |  [bridge] section options  |  [vlan] section options  |  [macvlan] section options  |  [macvtap] section options  |  [ipvlan] section options  |  [ipvtap] section options  |  [vxlan] section options  |  [geneve] section options  |  [bareudp] section options  |  [l2tp] section options  |  [l2tpsession] section options  |  [macsec] section options  |  [macsecreceivechannel] section options  |  [macsectransmitassociation] section options  |  [macsecreceiveassociation] section options  |    [tunnel] section options    |  [foooverudp] section options  |  [peer] section options  |  [vxcan] section options  |  [tun] section options  |  [tap] section options  |  [wireguard] section options  |  [wireguardpeer] section options  |  [bond] section options  |  [xfrm] section options  |  [vrf] section options  |  [batmanadvanced] section options  |  Examples  |  See also  |  Note  |

[TUNNEL] SECTION OPTIONS

The [Tunnel] section only applies for netdevs of kind "ipip", "sit", "gre", "gretap", "ip6gre", "ip6gretap", "vti", "vti6", "ip6tnl", and "erspan" and accepts the following keys:

Local= A static local address for tunneled packets. It must be an address on another interface of this host, or the special value "any".

Remote= The remote endpoint of the tunnel. Takes an IP address or the special value "any".

TOS= The Type Of Service byte value for a tunnel interface. For details about the TOS, see the Type of Service in the Internet Protocol Suite[9] document.

TTL= A fixed Time To Live N on tunneled packets. N is a number in the range 1...255. 0 is a special value meaning that packets inherit the TTL value. The default value for IPv4 tunnels is 0 (inherit). The default value for IPv6 tunnels is 64.

DiscoverPathMTU= Takes a boolean. When true, enables Path MTU Discovery on the tunnel.

IPv6FlowLabel= Configures the 20-bit flow label (see RFC 6437[10]) field in the IPv6 header (see RFC 2460[11]), which is used by a node to label packets of a flow. It is only used for IPv6 tunnels. A flow label of zero is used to indicate packets that have not been labeled. It can be configured to a value in the range 0...0xFFFFF, or be set to "inherit", in which case the original flowlabel is used.

CopyDSCP= Takes a boolean. When true, the Differentiated Service Code Point (DSCP) field will be copied to the inner header from outer header during the decapsulation of an IPv6 tunnel packet. DSCP is a field in an IP packet that enables different levels of service to be assigned to network traffic. Defaults to "no".

EncapsulationLimit= The Tunnel Encapsulation Limit option specifies how many additional levels of encapsulation are permitted to be prepended to the packet. For example, a Tunnel Encapsulation Limit option containing a limit value of zero means that a packet carrying that option may not enter another tunnel before exiting the current tunnel. (see RFC 2473[12]). The valid range is 0–255 and "none". Defaults to 4.

Key= The Key= parameter specifies the same key to use in both directions (InputKey= and OutputKey=). The Key= is either a number or an IPv4 address-like dotted quad. It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data and control path) in IP XFRM (framework used to implement IPsec protocol). See ip-xfrm — transform configuration[13] for details. It is only used for VTI/VTI6, GRE, GRETAP, and ERSPAN tunnels.

InputKey= The InputKey= parameter specifies the key to use for input. The format is same as Key=. It is only used for VTI/VTI6, GRE, GRETAP, and ERSPAN tunnels.

OutputKey= The OutputKey= parameter specifies the key to use for output. The format is same as Key=. It is only used for VTI/VTI6, GRE, GRETAP, and ERSPAN tunnels.

Mode= An "ip6tnl" tunnel can be in one of three modes "ip6ip6" for IPv6 over IPv6, "ipip6" for IPv4 over IPv6 or "any" for either.

Independent= Takes a boolean. When false (the default), the tunnel is always created over some network device, and a .network file that requests this tunnel using Tunnel= is required for the tunnel to be created. When true, the tunnel is created independently of any network as "tunnel@NONE".

AssignToLoopback= Takes a boolean. If set to "yes", the loopback interface "lo" is used as the underlying device of the tunnel interface. Defaults to "no".

AllowLocalRemote= Takes a boolean. When true allows tunnel traffic on ip6tnl devices where the remote endpoint is a local host address. When unset, the kernel's default will be used.

FooOverUDP= Takes a boolean. Specifies whether FooOverUDP= tunnel is to be configured. Defaults to false. This takes effects only for IPIP, SIT, GRE, and GRETAP tunnels. For more detail information see Foo over UDP[14]

FOUDestinationPort= This setting specifies the UDP destination port for encapsulation. This field is mandatory when FooOverUDP=yes, and is not set by default.

FOUSourcePort= This setting specifies the UDP source port for encapsulation. Defaults to 0 — that is, the source port for packets is left to the network stack to decide.

Encapsulation= Accepts the same key as in the [FooOverUDP] section.

IPv6RapidDeploymentPrefix= Reconfigure the tunnel for IPv6 Rapid Deployment[15], also known as 6rd. The value is an ISP-specific IPv6 prefix with a non-zero length. Only applicable to SIT tunnels.

ISATAP= Takes a boolean. If set, configures the tunnel as Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnel. Only applicable to SIT tunnels. When unset, the kernel's default will be used.

SerializeTunneledPackets= Takes a boolean. If set to yes, then packets are serialized. Only applies for GRE, GRETAP, and ERSPAN tunnels. When unset, the kernel's default will be used.

ERSPANIndex= Specifies the ERSPAN index field for the interface, an integer in the range 1...1048575 associated with the ERSPAN traffic's source port and direction. This field is mandatory.