|
Packit |
d3f73b |
.TH IP\-LINK 8 "13 Dec 2012" "iproute2" "Linux"
|
|
Packit |
d3f73b |
.SH "NAME"
|
|
Packit |
d3f73b |
ip-link \- network device configuration
|
|
Packit |
d3f73b |
.SH "SYNOPSIS"
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.ad l
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.B ip link
|
|
Packit |
d3f73b |
.RI " { " COMMAND " | "
|
|
Packit |
d3f73b |
.BR help " }"
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.BI "ip link add"
|
|
Packit |
d3f73b |
.RB "[ " link
|
|
Packit |
d3f73b |
.IR DEVICE " ]"
|
|
Packit |
d3f73b |
.RB "[ " name " ]"
|
|
Packit |
d3f73b |
.I NAME
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " txqueuelen
|
|
Packit |
d3f73b |
.IR PACKETS " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " address
|
|
Packit |
d3f73b |
.IR LLADDR " ]"
|
|
Packit |
d3f73b |
.RB "[ " broadcast
|
|
Packit |
d3f73b |
.IR LLADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " mtu
|
|
Packit |
d3f73b |
.IR MTU " ]"
|
|
Packit |
d3f73b |
.RB "[ " index
|
|
Packit |
d3f73b |
.IR IDX " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " numtxqueues
|
|
Packit |
d3f73b |
.IR QUEUE_COUNT " ]"
|
|
Packit |
d3f73b |
.RB "[ " numrxqueues
|
|
Packit |
d3f73b |
.IR QUEUE_COUNT " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.BR "[ " gso_max_size
|
|
Packit |
d3f73b |
.IR BYTES " ]"
|
|
Packit |
d3f73b |
.RB "[ " gso_max_segs
|
|
Packit |
d3f73b |
.IR SEGMENTS " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.BI type " TYPE"
|
|
Packit |
d3f73b |
.RI "[ " ARGS " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.BR "ip link delete " {
|
|
Packit |
d3f73b |
.IR DEVICE " | "
|
|
Packit |
d3f73b |
.BI "group " GROUP
|
|
Packit |
d3f73b |
}
|
|
Packit |
d3f73b |
.BI type " TYPE"
|
|
Packit |
d3f73b |
.RI "[ " ARGS " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.BR "ip link set " {
|
|
Packit |
d3f73b |
.IR DEVICE " | "
|
|
Packit |
d3f73b |
.BI "group " GROUP
|
|
Packit |
d3f73b |
}
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ { " up " | " down " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " type
|
|
Packit |
d3f73b |
.IR "ETYPE TYPE_ARGS" " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " arp " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " dynamic " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " multicast " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " allmulticast " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " promisc " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " protodown " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " trailers " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " txqueuelen
|
|
Packit |
d3f73b |
.IR PACKETS " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " name
|
|
Packit |
d3f73b |
.IR NEWNAME " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " address
|
|
Packit |
d3f73b |
.IR LLADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " broadcast
|
|
Packit |
d3f73b |
.IR LLADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " mtu
|
|
Packit |
d3f73b |
.IR MTU " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " netns " {"
|
|
Packit |
d3f73b |
.IR PID " | " NETNSNAME " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " link-netnsid
|
|
Packit |
d3f73b |
.IR ID " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " alias
|
|
Packit |
d3f73b |
.IR NAME " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " vf
|
|
Packit |
d3f73b |
.IR NUM " ["
|
|
Packit |
d3f73b |
.B mac
|
|
Packit |
d3f73b |
.IR LLADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.in +9
|
|
Packit |
d3f73b |
.RI "[ " VFVLAN-LIST " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " rate
|
|
Packit |
d3f73b |
.IR TXRATE " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " max_tx_rate
|
|
Packit |
d3f73b |
.IR TXRATE " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " min_tx_rate
|
|
Packit |
d3f73b |
.IR TXRATE " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " spoofchk " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " query_rss " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " state " { " auto " | " enable " | " disable " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " trust " { " on " | " off " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " node_guid " eui64 ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " port_guid " eui64 ] ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.in -9
|
|
Packit |
d3f73b |
.RB "[ { " xdp " | " xdpgeneric " | " xdpdrv " | " xdpoffload " } { " off " | "
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.BR object
|
|
Packit |
d3f73b |
.IR FILE
|
|
Packit |
d3f73b |
.RB "[ " section
|
|
Packit |
d3f73b |
.IR NAME " ]"
|
|
Packit |
d3f73b |
.RB "[ " verbose " ] |"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.BR pinned
|
|
Packit |
d3f73b |
.IR FILE " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
.RB "[ " master
|
|
Packit |
d3f73b |
.IR DEVICE " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " nomaster " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " vrf
|
|
Packit |
d3f73b |
.IR NAME " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " addrgenmode " { " eui64 " | " none " | " stable_secret " | " random " } ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " macaddr
|
|
Packit |
d3f73b |
.RI "[ " MACADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.in +10
|
|
Packit |
d3f73b |
.RB "[ { " flush " | " add " | " del " } "
|
|
Packit |
d3f73b |
.IR MACADDR " ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.RB "[ " set
|
|
Packit |
d3f73b |
.IR MACADDR " ] ]"
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.B ip link show
|
|
Packit |
d3f73b |
.RI "[ " DEVICE " | "
|
|
Packit |
d3f73b |
.B group
|
|
Packit |
d3f73b |
.IR GROUP " ] ["
|
|
Packit |
d3f73b |
.BR up " ] ["
|
|
Packit |
d3f73b |
.B master
|
|
Packit |
d3f73b |
.IR DEVICE " ] ["
|
|
Packit |
d3f73b |
.B type
|
|
Packit |
d3f73b |
.IR ETYPE " ] ["
|
|
Packit |
d3f73b |
.B vrf
|
|
Packit |
d3f73b |
.IR NAME " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.B ip link xstats
|
|
Packit |
d3f73b |
.BI type " TYPE"
|
|
Packit |
d3f73b |
.RI "[ " ARGS " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.B ip link afstats
|
|
Packit |
d3f73b |
.RB "[ " dev
|
|
Packit |
d3f73b |
.IR DEVICE " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.B ip link help
|
|
Packit |
d3f73b |
.RI "[ " TYPE " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.IR TYPE " := [ "
|
|
Packit |
d3f73b |
.BR bridge " | "
|
|
Packit |
d3f73b |
.BR bond " | "
|
|
Packit |
d3f73b |
.BR can " | "
|
|
Packit |
d3f73b |
.BR dummy " | "
|
|
Packit |
d3f73b |
.BR hsr " | "
|
|
Packit |
d3f73b |
.BR ifb " | "
|
|
Packit |
d3f73b |
.BR ipoib " |"
|
|
Packit |
d3f73b |
.BR macvlan " | "
|
|
Packit |
d3f73b |
.BR macvtap " | "
|
|
Packit |
d3f73b |
.BR vcan " | "
|
|
Packit |
d3f73b |
.BR vxcan " | "
|
|
Packit |
d3f73b |
.BR veth " | "
|
|
Packit |
d3f73b |
.BR vlan " | "
|
|
Packit |
d3f73b |
.BR vxlan " |"
|
|
Packit |
d3f73b |
.BR ip6tnl " |"
|
|
Packit |
d3f73b |
.BR ipip " |"
|
|
Packit |
d3f73b |
.BR sit " |"
|
|
Packit |
d3f73b |
.BR gre " |"
|
|
Packit |
d3f73b |
.BR gretap " |"
|
|
Packit |
d3f73b |
.BR erspan " |"
|
|
Packit |
d3f73b |
.BR ip6gre " |"
|
|
Packit |
d3f73b |
.BR ip6gretap " |"
|
|
Packit |
d3f73b |
.BR ip6erspan " |"
|
|
Packit |
d3f73b |
.BR vti " |"
|
|
Packit |
d3f73b |
.BR nlmon " |"
|
|
Packit |
d3f73b |
.BR ipvlan " |"
|
|
Packit |
d3f73b |
.BR ipvtap " |"
|
|
Packit |
d3f73b |
.BR lowpan " |"
|
|
Packit |
d3f73b |
.BR geneve " |"
|
|
Packit |
d3f73b |
.BR vrf " |"
|
|
Packit |
d3f73b |
.BR macsec " |"
|
|
Packit |
d3f73b |
.BR netdevsim " |"
|
|
Packit |
d3f73b |
.BR rmnet " |"
|
|
Packit |
d3f73b |
.BR xfrm " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.IR ETYPE " := [ " TYPE " |"
|
|
Packit |
d3f73b |
.BR bridge_slave " | " bond_slave " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.IR VFVLAN-LIST " := [ " VFVLAN-LIST " ] " VFVLAN
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.ti -8
|
|
Packit |
d3f73b |
.IR VFVLAN " := "
|
|
Packit |
d3f73b |
.RB "[ " vlan
|
|
Packit |
d3f73b |
.IR VLANID " [ "
|
|
Packit |
d3f73b |
.B qos
|
|
Packit |
d3f73b |
.IR VLAN-QOS " ] ["
|
|
Packit |
d3f73b |
.B proto
|
|
Packit |
d3f73b |
.IR VLAN-PROTO " ] ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SH "DESCRIPTION"
|
|
Packit |
d3f73b |
.SS ip link add - add virtual link
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI link " DEVICE "
|
|
Packit |
d3f73b |
specifies the physical device to act operate on.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I NAME
|
|
Packit |
d3f73b |
specifies the name of the new virtual device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I TYPE
|
|
Packit |
d3f73b |
specifies the type of the new device.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
Link types:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.B bridge
|
|
Packit |
d3f73b |
- Ethernet Bridge device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B bond
|
|
Packit |
d3f73b |
- Bonding device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B dummy
|
|
Packit |
d3f73b |
- Dummy network interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B hsr
|
|
Packit |
d3f73b |
- High-availability Seamless Redundancy device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B ifb
|
|
Packit |
d3f73b |
- Intermediate Functional Block device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B ipoib
|
|
Packit |
d3f73b |
- IP over Infiniband device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B macvlan
|
|
Packit |
d3f73b |
- Virtual interface base on link layer address (MAC)
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B macvtap
|
|
Packit |
d3f73b |
- Virtual interface based on link layer address (MAC) and TAP.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B vcan
|
|
Packit |
d3f73b |
- Virtual Controller Area Network interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B vxcan
|
|
Packit |
d3f73b |
- Virtual Controller Area Network tunnel interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B veth
|
|
Packit |
d3f73b |
- Virtual ethernet interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR vlan
|
|
Packit |
d3f73b |
- 802.1q tagged virtual LAN interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR vxlan
|
|
Packit |
d3f73b |
- Virtual eXtended LAN
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ip6tnl
|
|
Packit |
d3f73b |
- Virtual tunnel interface IPv4|IPv6 over IPv6
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ipip
|
|
Packit |
d3f73b |
- Virtual tunnel interface IPv4 over IPv4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR sit
|
|
Packit |
d3f73b |
- Virtual tunnel interface IPv6 over IPv4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR gre
|
|
Packit |
d3f73b |
- Virtual tunnel interface GRE over IPv4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR gretap
|
|
Packit |
d3f73b |
- Virtual L2 tunnel interface GRE over IPv4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR erspan
|
|
Packit |
d3f73b |
- Encapsulated Remote SPAN over GRE and IPv4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ip6gre
|
|
Packit |
d3f73b |
- Virtual tunnel interface GRE over IPv6
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ip6gretap
|
|
Packit |
d3f73b |
- Virtual L2 tunnel interface GRE over IPv6
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ip6erspan
|
|
Packit |
d3f73b |
- Encapsulated Remote SPAN over GRE and IPv6
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR vti
|
|
Packit |
d3f73b |
- Virtual tunnel interface
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR nlmon
|
|
Packit |
d3f73b |
- Netlink monitoring device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ipvlan
|
|
Packit |
d3f73b |
- Interface for L3 (IPv6/IPv4) based VLANs
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR ipvtap
|
|
Packit |
d3f73b |
- Interface for L3 (IPv6/IPv4) based VLANs and TAP
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR lowpan
|
|
Packit |
d3f73b |
- Interface for 6LoWPAN (IPv6) over IEEE 802.15.4 / Bluetooth
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR geneve
|
|
Packit |
d3f73b |
- GEneric NEtwork Virtualization Encapsulation
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR macsec
|
|
Packit |
d3f73b |
- Interface for IEEE 802.1AE MAC Security (MACsec)
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR vrf
|
|
Packit |
d3f73b |
- Interface for L3 VRF domains
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR netdevsim
|
|
Packit |
d3f73b |
- Interface for netdev API tests
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR rmnet
|
|
Packit |
d3f73b |
- Qualcomm rmnet device
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR xfrm
|
|
Packit |
d3f73b |
- Virtual xfrm interface
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI numtxqueues " QUEUE_COUNT "
|
|
Packit |
d3f73b |
specifies the number of transmit queues for new device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI numrxqueues " QUEUE_COUNT "
|
|
Packit |
d3f73b |
specifies the number of receive queues for new device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI gso_max_size " BYTES "
|
|
Packit |
d3f73b |
specifies the recommended maximum size of a Generic Segment Offload
|
|
Packit |
d3f73b |
packet the new device should accept.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI gso_max_segs " SEGMENTS "
|
|
Packit |
d3f73b |
specifies the recommended maximum number of a Generic Segment Offload
|
|
Packit |
d3f73b |
segments the new device should accept.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI index " IDX "
|
|
Packit |
d3f73b |
specifies the desired index of the new virtual device. The link
|
|
Packit |
d3f73b |
creation fails, if the index is busy.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
VLAN Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I VLAN
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add
|
|
Packit |
d3f73b |
.BI link " DEVICE "
|
|
Packit |
d3f73b |
.BI name " NAME "
|
|
Packit |
d3f73b |
.B "type vlan"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI protocol " VLAN_PROTO "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
.BI id " VLANID "
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR reorder_hdr " { " on " | " off " } "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR gvrp " { " on " | " off " } "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR mvrp " { " on " | " off " } "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR loose_binding " { " on " | " off " } "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR bridge_binding " { " on " | " off " } "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI ingress-qos-map " QOS-MAP "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI egress-qos-map " QOS-MAP "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI protocol " VLAN_PROTO "
|
|
Packit |
d3f73b |
- either 802.1Q or 802.1ad.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI id " VLANID "
|
|
Packit |
d3f73b |
- specifies the VLAN Identifer to use. Note that numbers with a leading " 0 " or " 0x " are interpreted as octal or hexadeimal, respectively.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR reorder_hdr " { " on " | " off " } "
|
|
Packit |
d3f73b |
- specifies whether ethernet headers are reordered or not (default is
|
|
Packit |
d3f73b |
.BR on ")."
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
If
|
|
Packit |
d3f73b |
.BR reorder_hdr " is " on
|
|
Packit |
d3f73b |
then VLAN header will be not inserted immediately but only before
|
|
Packit |
d3f73b |
passing to the physical device (if this device does not support VLAN
|
|
Packit |
d3f73b |
offloading), the similar on the RX direction - by default the packet
|
|
Packit |
d3f73b |
will be untagged before being received by VLAN device. Reordering
|
|
Packit |
d3f73b |
allows to accelerate tagging on egress and to hide VLAN header on
|
|
Packit |
d3f73b |
ingress so the packet looks like regular Ethernet packet, at the same
|
|
Packit |
d3f73b |
time it might be confusing for packet capture as the VLAN header does
|
|
Packit |
d3f73b |
not exist within the packet.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
VLAN offloading can be checked by
|
|
Packit |
d3f73b |
.BR ethtool "(8):"
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B ethtool -k
|
|
Packit |
d3f73b |
<phy_dev> |
|
|
Packit |
d3f73b |
.RB grep " tx-vlan-offload"
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
where <phy_dev> is the physical device to which VLAN device is bound.
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR gvrp " { " on " | " off " } "
|
|
Packit |
d3f73b |
- specifies whether this VLAN should be registered using GARP VLAN
|
|
Packit |
d3f73b |
Registration Protocol.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR mvrp " { " on " | " off " } "
|
|
Packit |
d3f73b |
- specifies whether this VLAN should be registered using Multiple VLAN
|
|
Packit |
d3f73b |
Registration Protocol.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR loose_binding " { " on " | " off " } "
|
|
Packit |
d3f73b |
- specifies whether the VLAN device state is bound to the physical device state.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR bridge_binding " { " on " | " off " } "
|
|
Packit |
d3f73b |
- specifies whether the VLAN device link state tracks the state of bridge ports
|
|
Packit |
d3f73b |
that are members of the VLAN.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI ingress-qos-map " QOS-MAP "
|
|
Packit |
d3f73b |
- defines a mapping of VLAN header prio field to the Linux internal packet
|
|
Packit |
d3f73b |
priority on incoming frames. The format is FROM:TO with multiple mappings
|
|
Packit |
d3f73b |
separated by spaces.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI egress-qos-map " QOS-MAP "
|
|
Packit |
d3f73b |
- defines a mapping of Linux internal packet priority to VLAN header prio field
|
|
Packit |
d3f73b |
but for outgoing frames. The format is the same as for ingress-qos-map.
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Linux packet priority can be set by
|
|
Packit |
d3f73b |
.BR iptables "(8)":
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B iptables
|
|
Packit |
d3f73b |
-t mangle -A POSTROUTING [...] -j CLASSIFY --set-class 0:4
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
and this "4" priority can be used in the egress qos mapping to set
|
|
Packit |
d3f73b |
VLAN prio "5":
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
.B ip
|
|
Packit |
d3f73b |
link set veth0.10 type vlan egress 4:5
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
VXLAN Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I VXLAN
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BI type " vxlan " id " VNI"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV "
|
|
Packit |
d3f73b |
.RB " ] [ { " group " | " remote " } "
|
|
Packit |
d3f73b |
.I IPADDR
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.B local
|
|
Packit |
d3f73b |
.RI "{ "IPADDR " | "any " } "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI ttl " TTL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI tos " TOS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI df " DF "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI dstport " PORT "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI srcport " MIN MAX "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] learning
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] proxy
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] rsc
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] l2miss
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] l3miss
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udpcsum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumtx
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumrx
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI ageing " SECONDS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI maxaddress " NUMBER "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] external
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.B gbp
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.B gpe
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI id " VNI "
|
|
Packit |
d3f73b |
- specifies the VXLAN Network Identifer (or VXLAN Segment
|
|
Packit |
d3f73b |
Identifier) to use.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV"
|
|
Packit |
d3f73b |
- specifies the physical device to use for tunnel endpoint communication.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI group " IPADDR"
|
|
Packit |
d3f73b |
- specifies the multicast IP address to join.
|
|
Packit |
d3f73b |
This parameter cannot be specified with the
|
|
Packit |
d3f73b |
.B remote
|
|
Packit |
d3f73b |
parameter.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " IPADDR"
|
|
Packit |
d3f73b |
- specifies the unicast destination IP address to use in outgoing packets
|
|
Packit |
d3f73b |
when the destination link layer address is not known in the VXLAN device
|
|
Packit |
d3f73b |
forwarding database. This parameter cannot be specified with the
|
|
Packit |
d3f73b |
.B group
|
|
Packit |
d3f73b |
parameter.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI local " IPADDR"
|
|
Packit |
d3f73b |
- specifies the source IP address to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI ttl " TTL"
|
|
Packit |
d3f73b |
- specifies the TTL value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI tos " TOS"
|
|
Packit |
d3f73b |
- specifies the TOS value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI df " DF"
|
|
Packit |
d3f73b |
- specifies the usage of the Don't Fragment flag (DF) bit in outgoing packets
|
|
Packit |
d3f73b |
with IPv4 headers. The value
|
|
Packit |
d3f73b |
.B inherit
|
|
Packit |
d3f73b |
causes the bit to be copied from the original IP header. The values
|
|
Packit |
d3f73b |
.B unset
|
|
Packit |
d3f73b |
and
|
|
Packit |
d3f73b |
.B set
|
|
Packit |
d3f73b |
cause the bit to be always unset or always set, respectively. By default, the
|
|
Packit |
d3f73b |
bit is not set.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL"
|
|
Packit |
d3f73b |
- specifies the flow label to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI dstport " PORT"
|
|
Packit |
d3f73b |
- specifies the UDP destination port to communicate to the remote
|
|
Packit |
d3f73b |
VXLAN tunnel endpoint.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI srcport " MIN MAX"
|
|
Packit |
d3f73b |
- specifies the range of port numbers to use as UDP
|
|
Packit |
d3f73b |
source ports to communicate to the remote VXLAN tunnel endpoint.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] learning
|
|
Packit |
d3f73b |
- specifies if unknown source link layer addresses and IP addresses
|
|
Packit |
d3f73b |
are entered into the VXLAN device forwarding database.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] rsc
|
|
Packit |
d3f73b |
- specifies if route short circuit is turned on.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] proxy
|
|
Packit |
d3f73b |
- specifies ARP proxy is turned on.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] l2miss
|
|
Packit |
d3f73b |
- specifies if netlink LLADDR miss notifications are generated.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] l3miss
|
|
Packit |
d3f73b |
- specifies if netlink IP ADDR miss notifications are generated.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udpcsum
|
|
Packit |
d3f73b |
- specifies if UDP checksum is calculated for transmitted packets over IPv4.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumtx
|
|
Packit |
d3f73b |
- skip UDP checksum calculation for transmitted packets over IPv6.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumrx
|
|
Packit |
d3f73b |
- allow incoming UDP packets over IPv6 with zero checksum field.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI ageing " SECONDS"
|
|
Packit |
d3f73b |
- specifies the lifetime in seconds of FDB entries learnt by the kernel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI maxaddress " NUMBER"
|
|
Packit |
d3f73b |
- specifies the maximum number of FDB entries.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] external
|
|
Packit |
d3f73b |
- specifies whether an external control plane
|
|
Packit |
d3f73b |
.RB "(e.g. " "ip route encap" )
|
|
Packit |
d3f73b |
or the internal FDB should be used.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B gbp
|
|
Packit |
d3f73b |
- enables the Group Policy extension (VXLAN-GBP).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +4
|
|
Packit |
d3f73b |
Allows to transport group policy context across VXLAN network peers.
|
|
Packit |
d3f73b |
If enabled, includes the mark of a packet in the VXLAN header for outgoing
|
|
Packit |
d3f73b |
packets and fills the packet mark based on the information found in the
|
|
Packit |
d3f73b |
VXLAN header for incoming packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Format of upper 16 bits of packet mark (flags);
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +2
|
|
Packit |
d3f73b |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
|-|-|-|-|-|-|-|-|-|D|-|-|A|-|-|-|
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B D :=
|
|
Packit |
d3f73b |
Don't Learn bit. When set, this bit indicates that the egress
|
|
Packit |
d3f73b |
VTEP MUST NOT learn the source address of the encapsulated frame.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B A :=
|
|
Packit |
d3f73b |
Indicates that the group policy has already been applied to
|
|
Packit |
d3f73b |
this packet. Policies MUST NOT be applied by devices when the A bit is set.
|
|
Packit |
d3f73b |
.in -2
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Format of lower 16 bits of packet mark (policy ID):
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +2
|
|
Packit |
d3f73b |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
| Group Policy ID |
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
Packit |
d3f73b |
.in -2
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Example:
|
|
Packit |
d3f73b |
iptables -A OUTPUT [...] -j MARK --set-mark 0x800FF
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -4
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B gpe
|
|
Packit |
d3f73b |
- enables the Generic Protocol extension (VXLAN-GPE). Currently, this is
|
|
Packit |
d3f73b |
only supported together with the
|
|
Packit |
d3f73b |
.B external
|
|
Packit |
d3f73b |
keyword.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
VETH, VXCAN Type Support
|
|
Packit |
d3f73b |
For a link of types
|
|
Packit |
d3f73b |
.I VETH/VXCAN
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BR type " { " veth " | " vxcan " }"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR peer
|
|
Packit |
d3f73b |
.BI "name " NAME
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR peer
|
|
Packit |
d3f73b |
.BI "name " NAME
|
|
Packit |
d3f73b |
- specifies the virtual pair device name of the
|
|
Packit |
d3f73b |
.I VETH/VXCAN
|
|
Packit |
d3f73b |
tunnel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
IPIP, SIT Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.IR IPIP or SIT
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BR type " { " ipip " | " sit " }"
|
|
Packit |
d3f73b |
.BI " remote " ADDR " local " ADDR
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR encap " { " fou " | " gue " | " none " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR encap-sport " { " \fIPORT " | " auto " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI "encap-dport " PORT
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] encap-csum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.I " [no]encap-remcsum "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.I " mode " { ip6ip | ipip | mplsip | any } "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR external
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " ADDR "
|
|
Packit |
d3f73b |
- specifies the remote address of the tunnel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI local " ADDR "
|
|
Packit |
d3f73b |
- specifies the fixed local address for tunneled packets.
|
|
Packit |
d3f73b |
It must be an address on another interface on this host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR encap " { " fou " | " gue " | " none " }"
|
|
Packit |
d3f73b |
- specifies type of secondary UDP encapsulation. "fou" indicates
|
|
Packit |
d3f73b |
Foo-Over-UDP, "gue" indicates Generic UDP Encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR encap-sport " { " \fIPORT " | " auto " }"
|
|
Packit |
d3f73b |
- specifies the source port in UDP encapsulation.
|
|
Packit |
d3f73b |
.IR PORT
|
|
Packit |
d3f73b |
indicates the port by number, "auto"
|
|
Packit |
d3f73b |
indicates that the port number should be chosen automatically
|
|
Packit |
d3f73b |
(the kernel picks a flow based on the flow hash of the
|
|
Packit |
d3f73b |
encapsulated packet).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] encap-csum
|
|
Packit |
d3f73b |
- specifies if UDP checksums are enabled in the secondary
|
|
Packit |
d3f73b |
encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] encap-remcsum
|
|
Packit |
d3f73b |
- specifies if Remote Checksum Offload is enabled. This is only
|
|
Packit |
d3f73b |
applicable for Generic UDP Encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI mode " { ip6ip | ipip | mplsip | any } "
|
|
Packit |
d3f73b |
- specifies mode in which device should run. "ip6ip" indicates
|
|
Packit |
d3f73b |
IPv6-Over-IPv4, "ipip" indicates "IPv4-Over-IPv4", "mplsip" indicates
|
|
Packit |
d3f73b |
MPLS-Over-IPv4, "any" indicates IPv6, IPv4 or MPLS Over IPv4. Supported for
|
|
Packit |
d3f73b |
SIT where the default is "ip6ip" and IPIP where the default is "ipip".
|
|
Packit |
d3f73b |
IPv6-Over-IPv4 is not supported for IPIP.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR external
|
|
Packit |
d3f73b |
- make this tunnel externally controlled
|
|
Packit |
d3f73b |
.RB "(e.g. " "ip route encap" ).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
GRE Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.IR GRE " or " GRETAP
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BR type " { " gre " | " gretap " }"
|
|
Packit |
d3f73b |
.BI " remote " ADDR " local " ADDR
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] seq
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ i | o ] key
|
|
Packit |
d3f73b |
.I KEY
|
|
Packit |
d3f73b |
|
|
|
Packit |
d3f73b |
.BR no [ i | o ] key
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] csum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI ttl " TTL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI tos " TOS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] pmtudisc
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] ignore-df
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR encap " { " fou " | " gue " | " none " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR encap-sport " { " \fIPORT " | " auto " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI "encap-dport " PORT
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] encap-csum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] encap-remcsum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR external
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " ADDR "
|
|
Packit |
d3f73b |
- specifies the remote address of the tunnel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI local " ADDR "
|
|
Packit |
d3f73b |
- specifies the fixed local address for tunneled packets.
|
|
Packit |
d3f73b |
It must be an address on another interface on this host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] seq
|
|
Packit |
d3f73b |
- serialize packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B oseq
|
|
Packit |
d3f73b |
flag enables sequencing of outgoing packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B iseq
|
|
Packit |
d3f73b |
flag requires that all input packets are serialized.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ i | o ] key
|
|
Packit |
d3f73b |
.I KEY
|
|
Packit |
d3f73b |
|
|
|
Packit |
d3f73b |
.BR no [ i | o ] key
|
|
Packit |
d3f73b |
- use keyed GRE with key
|
|
Packit |
d3f73b |
.IR KEY ". "KEY
|
|
Packit |
d3f73b |
is either a number or an IPv4 address-like dotted quad.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B key
|
|
Packit |
d3f73b |
parameter specifies the same key to use in both directions.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.BR ikey " and " okey
|
|
Packit |
d3f73b |
parameters specify different keys for input and output.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] csum
|
|
Packit |
d3f73b |
- generate/require checksums for tunneled packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B ocsum
|
|
Packit |
d3f73b |
flag calculates checksums for outgoing packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B icsum
|
|
Packit |
d3f73b |
flag requires that all input packets have the correct
|
|
Packit |
d3f73b |
checksum. The
|
|
Packit |
d3f73b |
.B csum
|
|
Packit |
d3f73b |
flag is equivalent to the combination
|
|
Packit |
d3f73b |
.B "icsum ocsum" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI ttl " TTL"
|
|
Packit |
d3f73b |
- specifies the TTL value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI tos " TOS"
|
|
Packit |
d3f73b |
- specifies the TOS value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] pmtudisc
|
|
Packit |
d3f73b |
- enables/disables Path MTU Discovery on this tunnel.
|
|
Packit |
d3f73b |
It is enabled by default. Note that a fixed ttl is incompatible
|
|
Packit |
d3f73b |
with this option: tunneling with a fixed ttl always makes pmtu
|
|
Packit |
d3f73b |
discovery.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] ignore-df
|
|
Packit |
d3f73b |
- enables/disables IPv4 DF suppression on this tunnel.
|
|
Packit |
d3f73b |
Normally datagrams that exceed the MTU will be fragmented; the presence
|
|
Packit |
d3f73b |
of the DF flag inhibits this, resulting instead in an ICMP Unreachable
|
|
Packit |
d3f73b |
(Fragmentation Required) message. Enabling this attribute causes the
|
|
Packit |
d3f73b |
DF flag to be ignored.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV"
|
|
Packit |
d3f73b |
- specifies the physical device to use for tunnel endpoint communication.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR encap " { " fou " | " gue " | " none " }"
|
|
Packit |
d3f73b |
- specifies type of secondary UDP encapsulation. "fou" indicates
|
|
Packit |
d3f73b |
Foo-Over-UDP, "gue" indicates Generic UDP Encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR encap-sport " { " \fIPORT " | " auto " }"
|
|
Packit |
d3f73b |
- specifies the source port in UDP encapsulation.
|
|
Packit |
d3f73b |
.IR PORT
|
|
Packit |
d3f73b |
indicates the port by number, "auto"
|
|
Packit |
d3f73b |
indicates that the port number should be chosen automatically
|
|
Packit |
d3f73b |
(the kernel picks a flow based on the flow hash of the
|
|
Packit |
d3f73b |
encapsulated packet).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] encap-csum
|
|
Packit |
d3f73b |
- specifies if UDP checksums are enabled in the secondary
|
|
Packit |
d3f73b |
encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] encap-remcsum
|
|
Packit |
d3f73b |
- specifies if Remote Checksum Offload is enabled. This is only
|
|
Packit |
d3f73b |
applicable for Generic UDP Encapsulation.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR external
|
|
Packit |
d3f73b |
- make this tunnel externally controlled
|
|
Packit |
d3f73b |
.RB "(e.g. " "ip route encap" ).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
IP6GRE/IP6GRETAP Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I IP6GRE/IP6GRETAP
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BR type " { " ip6gre " | " ip6gretap " }"
|
|
Packit |
d3f73b |
.BI remote " ADDR " local " ADDR"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] seq
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ i | o ] key
|
|
Packit |
d3f73b |
.I KEY
|
|
Packit |
d3f73b |
|
|
|
Packit |
d3f73b |
.BR no [ i | o ] key
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] csum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI hoplimit " TTL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI encaplimit " ELIM "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI tclass " TCLASS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI "dscp inherit"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI "[no]allow-localremote"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB external
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " ADDR "
|
|
Packit |
d3f73b |
- specifies the remote IPv6 address of the tunnel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI local " ADDR "
|
|
Packit |
d3f73b |
- specifies the fixed local IPv6 address for tunneled packets.
|
|
Packit |
d3f73b |
It must be an address on another interface on this host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] seq
|
|
Packit |
d3f73b |
- serialize packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B oseq
|
|
Packit |
d3f73b |
flag enables sequencing of outgoing packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B iseq
|
|
Packit |
d3f73b |
flag requires that all input packets are serialized.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ i | o ] key
|
|
Packit |
d3f73b |
.I KEY
|
|
Packit |
d3f73b |
|
|
|
Packit |
d3f73b |
.BR no [ i | o ] key
|
|
Packit |
d3f73b |
- use keyed GRE with key
|
|
Packit |
d3f73b |
.IR KEY ". "KEY
|
|
Packit |
d3f73b |
is either a number or an IPv4 address-like dotted quad.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B key
|
|
Packit |
d3f73b |
parameter specifies the same key to use in both directions.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.BR ikey " and " okey
|
|
Packit |
d3f73b |
parameters specify different keys for input and output.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] "" [ i | o ] csum
|
|
Packit |
d3f73b |
- generate/require checksums for tunneled packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B ocsum
|
|
Packit |
d3f73b |
flag calculates checksums for outgoing packets.
|
|
Packit |
d3f73b |
The
|
|
Packit |
d3f73b |
.B icsum
|
|
Packit |
d3f73b |
flag requires that all input packets have the correct
|
|
Packit |
d3f73b |
checksum. The
|
|
Packit |
d3f73b |
.B csum
|
|
Packit |
d3f73b |
flag is equivalent to the combination
|
|
Packit |
d3f73b |
.BR "icsum ocsum" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI hoplimit " TTL"
|
|
Packit |
d3f73b |
- specifies Hop Limit value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI encaplimit " ELIM"
|
|
Packit |
d3f73b |
- specifies a fixed encapsulation limit. Default is 4.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL"
|
|
Packit |
d3f73b |
- specifies a fixed flowlabel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI [no]allow-localremote
|
|
Packit |
d3f73b |
- specifies whether to allow remote endpoint to have an address configured on
|
|
Packit |
d3f73b |
local host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI tclass " TCLASS"
|
|
Packit |
d3f73b |
- specifies the traffic class field on
|
|
Packit |
d3f73b |
tunneled packets, which can be specified as either a two-digit
|
|
Packit |
d3f73b |
hex value (e.g. c0) or a predefined string (e.g. internet).
|
|
Packit |
d3f73b |
The value
|
|
Packit |
d3f73b |
.B inherit
|
|
Packit |
d3f73b |
causes the field to be copied from the original IP header. The
|
|
Packit |
d3f73b |
values
|
|
Packit |
d3f73b |
.BI "inherit/" STRING
|
|
Packit |
d3f73b |
or
|
|
Packit |
d3f73b |
.BI "inherit/" 00 ".." ff
|
|
Packit |
d3f73b |
will set the field to
|
|
Packit |
d3f73b |
.I STRING
|
|
Packit |
d3f73b |
or
|
|
Packit |
d3f73b |
.IR 00 ".." ff
|
|
Packit |
d3f73b |
when tunneling non-IP packets. The default value is 00.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB external
|
|
Packit |
d3f73b |
- make this tunnel externally controlled (or not, which is the default).
|
|
Packit |
d3f73b |
In the kernel, this is referred to as collect metadata mode. This flag is
|
|
Packit |
d3f73b |
mutually exclusive with the
|
|
Packit |
d3f73b |
.BR remote ,
|
|
Packit |
d3f73b |
.BR local ,
|
|
Packit |
d3f73b |
.BR seq ,
|
|
Packit |
d3f73b |
.BR key,
|
|
Packit |
d3f73b |
.BR csum,
|
|
Packit |
d3f73b |
.BR hoplimit,
|
|
Packit |
d3f73b |
.BR encaplimit,
|
|
Packit |
d3f73b |
.BR flowlabel " and " tclass
|
|
Packit |
d3f73b |
options.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
IPoIB Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I IPoIB
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE " name " NAME
|
|
Packit |
d3f73b |
.BR "type ipoib " [ " pkey \fIPKEY" " ] [ " mode " \fIMODE \fR]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI pkey " PKEY "
|
|
Packit |
d3f73b |
- specifies the IB P-Key to use.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mode " MODE "
|
|
Packit |
d3f73b |
- specifies the mode (datagram or connected) to use.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
ERSPAN Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I ERSPAN/IP6ERSPAN
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BR type " { " erspan " | " ip6erspan " }"
|
|
Packit |
d3f73b |
.BI remote " ADDR " local " ADDR " seq
|
|
Packit |
d3f73b |
.RB key
|
|
Packit |
d3f73b |
.I KEY
|
|
Packit |
d3f73b |
.BR erspan_ver " \fIversion "
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BR erspan " \fIIDX "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR erspan_dir " { " \fIingress " | " \fIegress " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR erspan_hwid " \fIhwid "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI "[no]allow-localremote"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB external
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " ADDR "
|
|
Packit |
d3f73b |
- specifies the remote address of the tunnel.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI local " ADDR "
|
|
Packit |
d3f73b |
- specifies the fixed local address for tunneled packets.
|
|
Packit |
d3f73b |
It must be an address on another interface on this host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR erspan_ver " \fIversion "
|
|
Packit |
d3f73b |
- specifies the ERSPAN version number.
|
|
Packit |
d3f73b |
.IR version
|
|
Packit |
d3f73b |
indicates the ERSPAN version to be created: 1 for version 1 (type II)
|
|
Packit |
d3f73b |
or 2 for version 2 (type III).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR erspan " \fIIDX "
|
|
Packit |
d3f73b |
- specifies the ERSPAN v1 index field.
|
|
Packit |
d3f73b |
.IR IDX
|
|
Packit |
d3f73b |
indicates a 20 bit index/port number associated with the ERSPAN
|
|
Packit |
d3f73b |
traffic's source port and direction.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR erspan_dir " { " \fIingress " | " \fIegress " }"
|
|
Packit |
d3f73b |
- specifies the ERSPAN v2 mirrored traffic's direction.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR erspan_hwid " \fIhwid "
|
|
Packit |
d3f73b |
- an unique identifier of an ERSPAN v2 engine within a system.
|
|
Packit |
d3f73b |
.IR hwid
|
|
Packit |
d3f73b |
is a 6-bit value for users to configure.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI [no]allow-localremote
|
|
Packit |
d3f73b |
- specifies whether to allow remote endpoint to have an address configured on
|
|
Packit |
d3f73b |
local host.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR external
|
|
Packit |
d3f73b |
- make this tunnel externally controlled (or not, which is the default).
|
|
Packit |
d3f73b |
In the kernel, this is referred to as collect metadata mode. This flag is
|
|
Packit |
d3f73b |
mutually exclusive with the
|
|
Packit |
d3f73b |
.BR remote ,
|
|
Packit |
d3f73b |
.BR local ,
|
|
Packit |
d3f73b |
.BR erspan_ver ,
|
|
Packit |
d3f73b |
.BR erspan ,
|
|
Packit |
d3f73b |
.BR erspan_dir " and " erspan_hwid
|
|
Packit |
d3f73b |
options.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
GENEVE Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I GENEVE
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE
|
|
Packit |
d3f73b |
.BI type " geneve " id " VNI " remote " IPADDR"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI ttl " TTL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI tos " TOS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI df " DF "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI dstport " PORT"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] external
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udpcsum
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumtx
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumrx
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI id " VNI "
|
|
Packit |
d3f73b |
- specifies the Virtual Network Identifer to use.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI remote " IPADDR"
|
|
Packit |
d3f73b |
- specifies the unicast destination IP address to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI ttl " TTL"
|
|
Packit |
d3f73b |
- specifies the TTL value to use in outgoing packets. "0" or "auto" means
|
|
Packit |
d3f73b |
use whatever default value, "inherit" means inherit the inner protocol's
|
|
Packit |
d3f73b |
ttl. Default option is "0".
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI tos " TOS"
|
|
Packit |
d3f73b |
- specifies the TOS value to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI df " DF"
|
|
Packit |
d3f73b |
- specifies the usage of the Don't Fragment flag (DF) bit in outgoing packets
|
|
Packit |
d3f73b |
with IPv4 headers. The value
|
|
Packit |
d3f73b |
.B inherit
|
|
Packit |
d3f73b |
causes the bit to be copied from the original IP header. The values
|
|
Packit |
d3f73b |
.B unset
|
|
Packit |
d3f73b |
and
|
|
Packit |
d3f73b |
.B set
|
|
Packit |
d3f73b |
cause the bit to be always unset or always set, respectively. By default, the
|
|
Packit |
d3f73b |
bit is not set.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI flowlabel " FLOWLABEL"
|
|
Packit |
d3f73b |
- specifies the flow label to use in outgoing packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI dstport " PORT"
|
|
Packit |
d3f73b |
- select a destination port other than the default of 6081.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] external
|
|
Packit |
d3f73b |
- make this tunnel externally controlled (or not, which is the default). This
|
|
Packit |
d3f73b |
flag is mutually exclusive with the
|
|
Packit |
d3f73b |
.BR id ,
|
|
Packit |
d3f73b |
.BR remote ,
|
|
Packit |
d3f73b |
.BR ttl ,
|
|
Packit |
d3f73b |
.BR tos " and " flowlabel
|
|
Packit |
d3f73b |
options.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udpcsum
|
|
Packit |
d3f73b |
- specifies if UDP checksum is calculated for transmitted packets over IPv4.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumtx
|
|
Packit |
d3f73b |
- skip UDP checksum calculation for transmitted packets over IPv6.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.RB [ no ] udp6zerocsumrx
|
|
Packit |
d3f73b |
- allow incoming UDP packets over IPv6 with zero checksum field.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
MACVLAN and MACVTAP Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I MACVLAN
|
|
Packit |
d3f73b |
or
|
|
Packit |
d3f73b |
.I MACVTAP
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add link " DEVICE " name " NAME
|
|
Packit |
d3f73b |
.BR type " { " macvlan " | " macvtap " } "
|
|
Packit |
d3f73b |
.BR mode " { " private " | " vepa " | " bridge " | " passthru
|
|
Packit |
d3f73b |
.RB " [ " nopromisc " ] | " source " } "
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR type " { " macvlan " | " macvtap " } "
|
|
Packit |
d3f73b |
- specifies the link type to use.
|
|
Packit |
d3f73b |
.BR macvlan " creates just a virtual interface, while "
|
|
Packit |
d3f73b |
.BR macvtap " in addition creates a character device "
|
|
Packit |
d3f73b |
.BR /dev/tapX " to be used just like a " tuntap " device."
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B mode private
|
|
Packit |
d3f73b |
- Do not allow communication between
|
|
Packit |
d3f73b |
.B macvlan
|
|
Packit |
d3f73b |
instances on the same physical interface, even if the external switch supports
|
|
Packit |
d3f73b |
hairpin mode.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B mode vepa
|
|
Packit |
d3f73b |
- Virtual Ethernet Port Aggregator mode. Data from one
|
|
Packit |
d3f73b |
.B macvlan
|
|
Packit |
d3f73b |
instance to the other on the same physical interface is transmitted over the
|
|
Packit |
d3f73b |
physical interface. Either the attached switch needs to support hairpin mode,
|
|
Packit |
d3f73b |
or there must be a TCP/IP router forwarding the packets in order to allow
|
|
Packit |
d3f73b |
communication. This is the default mode.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B mode bridge
|
|
Packit |
d3f73b |
- In bridge mode, all endpoints are directly connected to each other,
|
|
Packit |
d3f73b |
communication is not redirected through the physical interface's peer.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR mode " " passthru " [ " nopromisc " ] "
|
|
Packit |
d3f73b |
- This mode gives more power to a single endpoint, usually in
|
|
Packit |
d3f73b |
.BR macvtap " mode. It is not allowed for more than one endpoint on the same "
|
|
Packit |
d3f73b |
physical interface. All traffic will be forwarded to this endpoint, allowing
|
|
Packit |
d3f73b |
virtio guests to change MAC address or set promiscuous mode in order to bridge
|
|
Packit |
d3f73b |
the interface or create vlan interfaces on top of it. By default, this mode
|
|
Packit |
d3f73b |
forces the underlying interface into promiscuous mode. Passing the
|
|
Packit |
d3f73b |
.BR nopromisc " flag prevents this, so the promisc flag may be controlled "
|
|
Packit |
d3f73b |
using standard tools.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B mode source
|
|
Packit |
d3f73b |
- allows one to set a list of allowed mac address, which is used to match
|
|
Packit |
d3f73b |
against source mac address from received frames on underlying interface. This
|
|
Packit |
d3f73b |
allows creating mac based VLAN associations, instead of standard port or tag
|
|
Packit |
d3f73b |
based. The feature is useful to deploy 802.1x mac based behavior,
|
|
Packit |
d3f73b |
where drivers of underlying interfaces doesn't allows that.
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
High-availability Seamless Redundancy (HSR) Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I HSR
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add link " DEVICE " name " NAME " type hsr"
|
|
Packit |
d3f73b |
.BI slave1 " SLAVE1-IF " slave2 " SLAVE2-IF "
|
|
Packit |
d3f73b |
.RB [ " supervision"
|
|
Packit |
d3f73b |
.IR ADDR-BYTE " ] ["
|
|
Packit |
d3f73b |
.BR version " { " 0 " | " 1 " } ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR type " hsr "
|
|
Packit |
d3f73b |
- specifies the link type to use, here HSR.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI slave1 " SLAVE1-IF "
|
|
Packit |
d3f73b |
- Specifies the physical device used for the first of the two ring ports.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI slave2 " SLAVE2-IF "
|
|
Packit |
d3f73b |
- Specifies the physical device used for the second of the two ring ports.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI supervision " ADDR-BYTE"
|
|
Packit |
d3f73b |
- The last byte of the multicast address used for HSR supervision frames.
|
|
Packit |
d3f73b |
Default option is "0", possible values 0-255.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR version " { " 0 " | " 1 " }"
|
|
Packit |
d3f73b |
- Selects the protocol version of the interface. Default option is "0", which
|
|
Packit |
d3f73b |
corresponds to the 2010 version of the HSR standard. Option "1" activates the
|
|
Packit |
d3f73b |
2012 version.
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
BRIDGE Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I BRIDGE
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE " type bridge "
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI ageing_time " AGEING_TIME "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI group_fwd_mask " MASK "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI group_address " ADDRESS "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI forward_delay " FORWARD_DELAY "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI hello_time " HELLO_TIME "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI max_age " MAX_AGE "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI stp_state " STP_STATE "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI priority " PRIORITY "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI vlan_filtering " VLAN_FILTERING "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI vlan_protocol " VLAN_PROTOCOL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI vlan_default_pvid " VLAN_DEFAULT_PVID "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI vlan_stats_enabled " VLAN_STATS_ENABLED "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI vlan_stats_per_port " VLAN_STATS_PER_PORT "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_snooping " MULTICAST_SNOOPING "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_router " MULTICAST_ROUTER "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_query_use_ifaddr " MCAST_QUERY_USE_IFADDR "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_querier " MULTICAST_QUERIER "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_hash_elasticity " HASH_ELASTICITY "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_hash_max " HASH_MAX "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_last_member_count " LAST_MEMBER_COUNT "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_startup_query_count " STARTUP_QUERY_COUNT "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_last_member_interval " LAST_MEMBER_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_membership_interval " MEMBERSHIP_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_querier_interval " QUERIER_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_query_interval " QUERY_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_query_response_interval " QUERY_RESPONSE_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_startup_query_interval " STARTUP_QUERY_INTERVAL "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_stats_enabled " MCAST_STATS_ENABLED "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_igmp_version " IGMP_VERSION "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_mld_version " MLD_VERSION "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI nf_call_iptables " NF_CALL_IPTABLES "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI nf_call_ip6tables " NF_CALL_IP6TABLES "
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI nf_call_arptables " NF_CALL_ARPTABLES "
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI ageing_time " AGEING_TIME "
|
|
Packit |
d3f73b |
- configure the bridge's FDB entries ageing time, ie the number of
|
|
Packit |
d3f73b |
seconds a MAC address will be kept in the FDB after a packet has been
|
|
Packit |
d3f73b |
received from that address. after this time has passed, entries are
|
|
Packit |
d3f73b |
cleaned up.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI group_fwd_mask " MASK "
|
|
Packit |
d3f73b |
- set the group forward mask. This is the bitmask that is applied to
|
|
Packit |
d3f73b |
decide whether to forward incoming frames destined to link-local
|
|
Packit |
d3f73b |
addresses, ie addresses of the form 01:80:C2:00:00:0X (defaults to 0,
|
|
Packit |
d3f73b |
ie the bridge does not forward any link-local frames).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI group_address " ADDRESS "
|
|
Packit |
d3f73b |
- set the MAC address of the multicast group this bridge uses for STP.
|
|
Packit |
d3f73b |
The address must be a link-local address in standard Ethernet MAC
|
|
Packit |
d3f73b |
address format, ie an address of the form 01:80:C2:00:00:0X, with X
|
|
Packit |
d3f73b |
in [0, 4..f].
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI forward_delay " FORWARD_DELAY "
|
|
Packit |
d3f73b |
- set the forwarding delay in seconds, ie the time spent in LISTENING
|
|
Packit |
d3f73b |
state (before moving to LEARNING) and in LEARNING state (before
|
|
Packit |
d3f73b |
moving to FORWARDING). Only relevant if STP is enabled. Valid values
|
|
Packit |
d3f73b |
are between 2 and 30.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI hello_time " HELLO_TIME "
|
|
Packit |
d3f73b |
- set the time in seconds between hello packets sent by the bridge,
|
|
Packit |
d3f73b |
when it is a root bridge or a designated bridges.
|
|
Packit |
d3f73b |
Only relevant if STP is enabled. Valid values are between 1 and 10.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI max_age " MAX_AGE "
|
|
Packit |
d3f73b |
- set the hello packet timeout, ie the time in seconds until another
|
|
Packit |
d3f73b |
bridge in the spanning tree is assumed to be dead, after reception of
|
|
Packit |
d3f73b |
its last hello message. Only relevant if STP is enabled. Valid values
|
|
Packit |
d3f73b |
are between 6 and 40.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI stp_state " STP_STATE "
|
|
Packit |
d3f73b |
- turn spanning tree protocol on
|
|
Packit |
d3f73b |
.RI ( STP_STATE " > 0) "
|
|
Packit |
d3f73b |
or off
|
|
Packit |
d3f73b |
.RI ( STP_STATE " == 0). "
|
|
Packit |
d3f73b |
for this bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI priority " PRIORITY "
|
|
Packit |
d3f73b |
- set this bridge's spanning tree priority, used during STP root
|
|
Packit |
d3f73b |
bridge election.
|
|
Packit |
d3f73b |
.I PRIORITY
|
|
Packit |
d3f73b |
is a 16bit unsigned integer.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI vlan_filtering " VLAN_FILTERING "
|
|
Packit |
d3f73b |
- turn VLAN filtering on
|
|
Packit |
d3f73b |
.RI ( VLAN_FILTERING " > 0) "
|
|
Packit |
d3f73b |
or off
|
|
Packit |
d3f73b |
.RI ( VLAN_FILTERING " == 0). "
|
|
Packit |
d3f73b |
When disabled, the bridge will not consider the VLAN tag when handling packets.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR vlan_protocol " { " 802.1Q " | " 802.1ad " } "
|
|
Packit |
d3f73b |
- set the protocol used for VLAN filtering.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI vlan_default_pvid " VLAN_DEFAULT_PVID "
|
|
Packit |
d3f73b |
- set the default PVID (native/untagged VLAN ID) for this bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI vlan_stats_enabled " VLAN_STATS_ENABLED "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( VLAN_STATS_ENABLED " == 1) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( VLAN_STATS_ENABLED " == 0) "
|
|
Packit |
d3f73b |
per-VLAN stats accounting.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI vlan_stats_per_port " VLAN_STATS_PER_PORT "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( VLAN_STATS_PER_PORT " == 1) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( VLAN_STATS_PER_PORT " == 0) "
|
|
Packit |
d3f73b |
per-VLAN per-port stats accounting. Can be changed only when there are no port VLANs configured.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_snooping " MULTICAST_SNOOPING "
|
|
Packit |
d3f73b |
- turn multicast snooping on
|
|
Packit |
d3f73b |
.RI ( MULTICAST_SNOOPING " > 0) "
|
|
Packit |
d3f73b |
or off
|
|
Packit |
d3f73b |
.RI ( MULTICAST_SNOOPING " == 0). "
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_router " MULTICAST_ROUTER "
|
|
Packit |
d3f73b |
- set bridge's multicast router if IGMP snooping is enabled.
|
|
Packit |
d3f73b |
.I MULTICAST_ROUTER
|
|
Packit |
d3f73b |
is an integer value having the following meaning:
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B 0
|
|
Packit |
d3f73b |
- disabled.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B 1
|
|
Packit |
d3f73b |
- automatic (queried).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B 2
|
|
Packit |
d3f73b |
- permanently enabled.
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_query_use_ifaddr " MCAST_QUERY_USE_IFADDR "
|
|
Packit |
d3f73b |
- whether to use the bridge's own IP address as source address for IGMP queries
|
|
Packit |
d3f73b |
.RI ( MCAST_QUERY_USE_IFADDR " > 0) "
|
|
Packit |
d3f73b |
or the default of 0.0.0.0
|
|
Packit |
d3f73b |
.RI ( MCAST_QUERY_USE_IFADDR " == 0). "
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_querier " MULTICAST_QUERIER "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( MULTICAST_QUERIER " > 0) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( MULTICAST_QUERIER " == 0) "
|
|
Packit |
d3f73b |
IGMP querier, ie sending of multicast queries by the bridge (default: disabled).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_querier_interval " QUERIER_INTERVAL "
|
|
Packit |
d3f73b |
- interval between queries sent by other routers. if no queries are seen
|
|
Packit |
d3f73b |
after this delay has passed, the bridge will start to send its own queries
|
|
Packit |
d3f73b |
(as if
|
|
Packit |
d3f73b |
.BI mcast_querier
|
|
Packit |
d3f73b |
was enabled).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_hash_elasticity " HASH_ELASTICITY "
|
|
Packit |
d3f73b |
- set multicast database hash elasticity, ie the maximum chain length
|
|
Packit |
d3f73b |
in the multicast hash table (defaults to 4).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_hash_max " HASH_MAX "
|
|
Packit |
d3f73b |
- set maximum size of multicast hash table (defaults to 512,
|
|
Packit |
d3f73b |
value must be a power of 2).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_last_member_count " LAST_MEMBER_COUNT "
|
|
Packit |
d3f73b |
- set multicast last member count, ie the number of queries the bridge
|
|
Packit |
d3f73b |
will send before stopping forwarding a multicast group after a "leave"
|
|
Packit |
d3f73b |
message has been received (defaults to 2).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_last_member_interval " LAST_MEMBER_INTERVAL "
|
|
Packit |
d3f73b |
- interval between queries to find remaining members of a group,
|
|
Packit |
d3f73b |
after a "leave" message is received.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_startup_query_count " STARTUP_QUERY_COUNT "
|
|
Packit |
d3f73b |
- set the number of IGMP queries to send during startup phase (defaults to 2).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_startup_query_interval " STARTUP_QUERY_INTERVAL "
|
|
Packit |
d3f73b |
- interval between queries in the startup phase.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_query_interval " QUERY_INTERVAL "
|
|
Packit |
d3f73b |
- interval between queries sent by the bridge after the end of the
|
|
Packit |
d3f73b |
startup phase.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_query_response_interval " QUERY_RESPONSE_INTERVAL "
|
|
Packit |
d3f73b |
- set the Max Response Time/Maximum Response Delay for IGMP/MLD
|
|
Packit |
d3f73b |
queries sent by the bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_membership_interval " MEMBERSHIP_INTERVAL "
|
|
Packit |
d3f73b |
- delay after which the bridge will leave a group,
|
|
Packit |
d3f73b |
if no membership reports for this group are received.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_stats_enabled " MCAST_STATS_ENABLED "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( MCAST_STATS_ENABLED " > 0) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( MCAST_STATS_ENABLED " == 0) "
|
|
Packit |
d3f73b |
multicast (IGMP/MLD) stats accounting.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_igmp_version " IGMP_VERSION "
|
|
Packit |
d3f73b |
- set the IGMP version.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_mld_version " MLD_VERSION "
|
|
Packit |
d3f73b |
- set the MLD version.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI nf_call_iptables " NF_CALL_IPTABLES "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_IPTABLES " > 0) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_IPTABLES " == 0) "
|
|
Packit |
d3f73b |
iptables hooks on the bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI nf_call_ip6tables " NF_CALL_IP6TABLES "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_IP6TABLES " > 0) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_IP6TABLES " == 0) "
|
|
Packit |
d3f73b |
ip6tables hooks on the bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI nf_call_arptables " NF_CALL_ARPTABLES "
|
|
Packit |
d3f73b |
- enable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_ARPTABLES " > 0) "
|
|
Packit |
d3f73b |
or disable
|
|
Packit |
d3f73b |
.RI ( NF_CALL_ARPTABLES " == 0) "
|
|
Packit |
d3f73b |
arptables hooks on the bridge.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
MACsec Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I MACsec
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add link " DEVICE " name " NAME " type macsec"
|
|
Packit |
d3f73b |
[ [
|
|
Packit |
d3f73b |
.BI address " <lladdr>"
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
.BI port " PORT"
|
|
Packit |
d3f73b |
|
|
|
Packit |
d3f73b |
.BI sci " SCI"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI cipher " CIPHER_SUITE"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR icvlen " { "
|
|
Packit |
d3f73b |
.IR 8..16 " } ] ["
|
|
Packit |
d3f73b |
.BR encrypt " {"
|
|
Packit |
d3f73b |
.BR on " | " off " } ] [ "
|
|
Packit |
d3f73b |
.BR send_sci " { " on " | " off " } ] ["
|
|
Packit |
d3f73b |
.BR end_station " { " on " | " off " } ] ["
|
|
Packit |
d3f73b |
.BR scb " { " on " | " off " } ] ["
|
|
Packit |
d3f73b |
.BR protect " { " on " | " off " } ] ["
|
|
Packit |
d3f73b |
.BR replay " { " on " | " off " }"
|
|
Packit |
d3f73b |
.BR window " { "
|
|
Packit |
d3f73b |
.IR 0..2^32-1 " } ] ["
|
|
Packit |
d3f73b |
.BR validate " { " strict " | " check " | " disabled " } ] ["
|
|
Packit |
d3f73b |
.BR encodingsa " { "
|
|
Packit |
d3f73b |
.IR 0..3 " } ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI address " <lladdr> "
|
|
Packit |
d3f73b |
- sets the system identifier component of secure channel for this MACsec device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI port " PORT "
|
|
Packit |
d3f73b |
- sets the port number component of secure channel for this MACsec
|
|
Packit |
d3f73b |
device, in a range from 1 to 65535 inclusive. Numbers with a leading "
|
|
Packit |
d3f73b |
0 " or " 0x " are interpreted as octal and hexadecimal, respectively.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI sci " SCI "
|
|
Packit |
d3f73b |
- sets the secure channel identifier for this MACsec device.
|
|
Packit |
d3f73b |
.I SCI
|
|
Packit |
d3f73b |
is a 64bit wide number in hexadecimal format.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI cipher " CIPHER_SUITE "
|
|
Packit |
d3f73b |
- defines the cipher suite to use.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI icvlen " LENGTH "
|
|
Packit |
d3f73b |
- sets the length of the Integrity Check Value (ICV).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "encrypt on " or " encrypt off"
|
|
Packit |
d3f73b |
- switches between authenticated encryption, or authenticity mode only.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "send_sci on " or " send_sci off"
|
|
Packit |
d3f73b |
- specifies whether the SCI is included in every packet,
|
|
Packit |
d3f73b |
or only when it is necessary.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "end_station on " or " end_station off"
|
|
Packit |
d3f73b |
- sets the End Station bit.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "scb on " or " scb off"
|
|
Packit |
d3f73b |
- sets the Single Copy Broadcast bit.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "protect on " or " protect off"
|
|
Packit |
d3f73b |
- enables MACsec protection on the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "replay on " or " replay off"
|
|
Packit |
d3f73b |
- enables replay protection on the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI window " SIZE "
|
|
Packit |
d3f73b |
- sets the size of the replay window.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR "validate strict " or " validate check " or " validate disabled"
|
|
Packit |
d3f73b |
- sets the validation mode on the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI encodingsa " AN "
|
|
Packit |
d3f73b |
- sets the active secure association for transmission.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
VRF Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I VRF
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE " type vrf table " TABLE
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BR table " table id associated with VRF device"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
RMNET Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I RMNET
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add link " DEVICE " name " NAME " type rmnet mux_id " MUXID
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI mux_id " MUXID "
|
|
Packit |
d3f73b |
- specifies the mux identifier for the rmnet device, possible values 1-254.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
XFRM Type Support
|
|
Packit |
d3f73b |
For a link of type
|
|
Packit |
d3f73b |
.I XFRM
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI "ip link add " DEVICE " type xfrm dev " PHYS_DEV " [ if_id " IF_ID " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI dev " PHYS_DEV "
|
|
Packit |
d3f73b |
- specifies the underlying physical interface from which transform traffic is sent and received.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI if_id " IF-ID "
|
|
Packit |
d3f73b |
- specifies the hexadecimal lookup key used to send traffic to and from specific xfrm
|
|
Packit |
d3f73b |
policies. Policies must be configured with the same key. If not set, the key defaults to
|
|
Packit |
d3f73b |
0 and will match any policies which similarly do not have a lookup key configuration.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link delete - delete virtual link
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI dev " DEVICE "
|
|
Packit |
d3f73b |
specifies the virtual device to act operate on.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI group " GROUP "
|
|
Packit |
d3f73b |
specifies the group of virtual links to delete. Group 0 is not allowed to be
|
|
Packit |
d3f73b |
deleted since it is the default group.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI type " TYPE "
|
|
Packit |
d3f73b |
specifies the type of the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link set - change device attributes
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
.B Warning:
|
|
Packit |
d3f73b |
If multiple parameter changes are requested,
|
|
Packit |
d3f73b |
.B ip
|
|
Packit |
d3f73b |
aborts immediately after any of the changes have failed.
|
|
Packit |
d3f73b |
This is the only case when
|
|
Packit |
d3f73b |
.B ip
|
|
Packit |
d3f73b |
can move the system to an unpredictable state. The solution
|
|
Packit |
d3f73b |
is to avoid changing several parameters with one
|
|
Packit |
d3f73b |
.B ip link set
|
|
Packit |
d3f73b |
call.
|
|
Packit |
d3f73b |
The modifier
|
|
Packit |
d3f73b |
.B change
|
|
Packit |
d3f73b |
is equivalent to
|
|
Packit |
d3f73b |
.BR "set" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI dev " DEVICE "
|
|
Packit |
d3f73b |
.I DEVICE
|
|
Packit |
d3f73b |
specifies network device to operate on. When configuring SR-IOV
|
|
Packit |
d3f73b |
Virtual Function (VF) devices, this keyword should specify the
|
|
Packit |
d3f73b |
associated Physical Function (PF) device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI group " GROUP "
|
|
Packit |
d3f73b |
.I GROUP
|
|
Packit |
d3f73b |
has a dual role: If both group and dev are present, then move the device to the
|
|
Packit |
d3f73b |
specified group. If only a group is specified, then the command operates on
|
|
Packit |
d3f73b |
all devices in that group.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR up " and " down
|
|
Packit |
d3f73b |
change the state of the device to
|
|
Packit |
d3f73b |
.B UP
|
|
Packit |
d3f73b |
or
|
|
Packit |
d3f73b |
.BR "DOWN" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR "arp on " or " arp off"
|
|
Packit |
d3f73b |
change the
|
|
Packit |
d3f73b |
.B NOARP
|
|
Packit |
d3f73b |
flag on the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR "multicast on " or " multicast off"
|
|
Packit |
d3f73b |
change the
|
|
Packit |
d3f73b |
.B MULTICAST
|
|
Packit |
d3f73b |
flag on the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR "protodown on " or " protodown off"
|
|
Packit |
d3f73b |
change the
|
|
Packit |
d3f73b |
.B PROTODOWN
|
|
Packit |
d3f73b |
state on the device. Indicates that a protocol error has been detected
|
|
Packit |
d3f73b |
on the port. Switch drivers can react to this error by doing a phys
|
|
Packit |
d3f73b |
down on the switch port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR "dynamic on " or " dynamic off"
|
|
Packit |
d3f73b |
change the
|
|
Packit |
d3f73b |
.B DYNAMIC
|
|
Packit |
d3f73b |
flag on the device. Indicates that address can change when interface
|
|
Packit |
d3f73b |
goes down (currently
|
|
Packit |
d3f73b |
.B NOT
|
|
Packit |
d3f73b |
used by the Linux).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI name " NAME"
|
|
Packit |
d3f73b |
change the name of the device. This operation is not
|
|
Packit |
d3f73b |
recommended if the device is running or has some addresses
|
|
Packit |
d3f73b |
already configured.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI txqueuelen " NUMBER"
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI txqlen " NUMBER"
|
|
Packit |
d3f73b |
change the transmit queue length of the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI mtu " NUMBER"
|
|
Packit |
d3f73b |
change the
|
|
Packit |
d3f73b |
.I MTU
|
|
Packit |
d3f73b |
of the device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI address " LLADDRESS"
|
|
Packit |
d3f73b |
change the station address of the interface.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI broadcast " LLADDRESS"
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI brd " LLADDRESS"
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI peer " LLADDRESS"
|
|
Packit |
d3f73b |
change the link layer broadcast address or the peer address when
|
|
Packit |
d3f73b |
the interface is
|
|
Packit |
d3f73b |
.IR "POINTOPOINT" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI netns " NETNSNAME " \fR| " PID"
|
|
Packit |
d3f73b |
move the device to the network namespace associated with name
|
|
Packit |
d3f73b |
.IR "NETNSNAME " or
|
|
Packit |
d3f73b |
.RI process " PID".
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Some devices are not allowed to change network namespace: loopback, bridge,
|
|
Packit |
d3f73b |
ppp, wireless. These are network namespace local devices. In such case
|
|
Packit |
d3f73b |
.B ip
|
|
Packit |
d3f73b |
tool will return "Invalid argument" error. It is possible to find out
|
|
Packit |
d3f73b |
if device is local to a single network namespace by checking
|
|
Packit |
d3f73b |
.B netns-local
|
|
Packit |
d3f73b |
flag in the output of the
|
|
Packit |
d3f73b |
.BR ethtool ":"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.B ethtool -k
|
|
Packit |
d3f73b |
.I DEVICE
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
To change network namespace for wireless devices the
|
|
Packit |
d3f73b |
.B iw
|
|
Packit |
d3f73b |
tool can be used. But it allows to change network namespace only for
|
|
Packit |
d3f73b |
physical devices and by process
|
|
Packit |
d3f73b |
.IR PID .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI alias " NAME"
|
|
Packit |
d3f73b |
give the device a symbolic name for easy reference.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI group " GROUP"
|
|
Packit |
d3f73b |
specify the group the device belongs to.
|
|
Packit |
d3f73b |
The available groups are listed in file
|
|
Packit |
d3f73b |
.BR "@SYSCONFDIR@/group" .
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI vf " NUM"
|
|
Packit |
d3f73b |
specify a Virtual Function device to be configured. The associated PF device
|
|
Packit |
d3f73b |
must be specified using the
|
|
Packit |
d3f73b |
.B dev
|
|
Packit |
d3f73b |
parameter.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.BI mac " LLADDRESS"
|
|
Packit |
d3f73b |
- change the station address for the specified VF. The
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
parameter must be specified.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI vlan " VLANID"
|
|
Packit |
d3f73b |
- change the assigned VLAN for the specified VF. When specified, all traffic
|
|
Packit |
d3f73b |
sent from the VF will be tagged with the specified VLAN ID. Incoming traffic
|
|
Packit |
d3f73b |
will be filtered for the specified VLAN ID, and will have all VLAN tags
|
|
Packit |
d3f73b |
stripped before being passed to the VF. Setting this parameter to 0 disables
|
|
Packit |
d3f73b |
VLAN tagging and filtering. The
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
parameter must be specified.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI qos " VLAN-QOS"
|
|
Packit |
d3f73b |
- assign VLAN QOS (priority) bits for the VLAN tag. When specified, all VLAN
|
|
Packit |
d3f73b |
tags transmitted by the VF will include the specified priority bits in the
|
|
Packit |
d3f73b |
VLAN tag. If not specified, the value is assumed to be 0. Both the
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
and
|
|
Packit |
d3f73b |
.B vlan
|
|
Packit |
d3f73b |
parameters must be specified. Setting both
|
|
Packit |
d3f73b |
.B vlan
|
|
Packit |
d3f73b |
and
|
|
Packit |
d3f73b |
.B qos
|
|
Packit |
d3f73b |
as 0 disables VLAN tagging and filtering for the VF.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI proto " VLAN-PROTO"
|
|
Packit |
d3f73b |
- assign VLAN PROTOCOL for the VLAN tag, either 802.1Q or 802.1ad.
|
|
Packit |
d3f73b |
Setting to 802.1ad, all traffic sent from the VF will be tagged with
|
|
Packit |
d3f73b |
VLAN S-Tag. Incoming traffic will have VLAN S-Tags stripped before
|
|
Packit |
d3f73b |
being passed to the VF. Setting to 802.1ad also enables an option to
|
|
Packit |
d3f73b |
concatenate another VLAN tag, so both S-TAG and C-TAG will be
|
|
Packit |
d3f73b |
inserted/stripped for outgoing/incoming traffic, respectively. If not
|
|
Packit |
d3f73b |
specified, the value is assumed to be 802.1Q. Both the
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
and
|
|
Packit |
d3f73b |
.B vlan
|
|
Packit |
d3f73b |
parameters must be specified.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI rate " TXRATE"
|
|
Packit |
d3f73b |
-- change the allowed transmit bandwidth, in Mbps, for the specified VF.
|
|
Packit |
d3f73b |
Setting this parameter to 0 disables rate limiting.
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
parameter must be specified.
|
|
Packit |
d3f73b |
Please use new API
|
|
Packit |
d3f73b |
.B "max_tx_rate"
|
|
Packit |
d3f73b |
option instead.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI max_tx_rate " TXRATE"
|
|
Packit |
d3f73b |
- change the allowed maximum transmit bandwidth, in Mbps, for the
|
|
Packit |
d3f73b |
specified VF. Setting this parameter to 0 disables rate limiting.
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
parameter must be specified.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI min_tx_rate " TXRATE"
|
|
Packit |
d3f73b |
- change the allowed minimum transmit bandwidth, in Mbps, for the specified VF.
|
|
Packit |
d3f73b |
Minimum TXRATE should be always <= Maximum TXRATE.
|
|
Packit |
d3f73b |
Setting this parameter to 0 disables rate limiting.
|
|
Packit |
d3f73b |
.B vf
|
|
Packit |
d3f73b |
parameter must be specified.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI spoofchk " on|off"
|
|
Packit |
d3f73b |
- turn packet spoof checking on or off for the specified VF.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI query_rss " on|off"
|
|
Packit |
d3f73b |
- toggle the ability of querying the RSS configuration of a specific
|
|
Packit |
d3f73b |
VF. VF RSS information like RSS hash key may be considered sensitive
|
|
Packit |
d3f73b |
on some devices where this information is shared between VF and PF
|
|
Packit |
d3f73b |
and thus its querying may be prohibited by default.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI state " auto|enable|disable"
|
|
Packit |
d3f73b |
- set the virtual link state as seen by the specified VF. Setting to
|
|
Packit |
d3f73b |
auto means a reflection of the PF link state, enable lets the VF to
|
|
Packit |
d3f73b |
communicate with other VFs on this host even if the PF link state is
|
|
Packit |
d3f73b |
down, disable causes the HW to drop any packets sent by the VF.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI trust " on|off"
|
|
Packit |
d3f73b |
- trust the specified VF user. This enables that VF user can set a
|
|
Packit |
d3f73b |
specific feature which may impact security and/or
|
|
Packit |
d3f73b |
performance. (e.g. VF multicast promiscuous mode)
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI node_guid " eui64"
|
|
Packit |
d3f73b |
- configure node GUID for Infiniband VFs.
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI port_guid " eui64"
|
|
Packit |
d3f73b |
- configure port GUID for Infiniband VFs.
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.B xdp object "|" pinned "|" off
|
|
Packit |
d3f73b |
set (or unset) a XDP ("eXpress Data Path") BPF program to run on every
|
|
Packit |
d3f73b |
packet at driver level.
|
|
Packit |
d3f73b |
.B ip link
|
|
Packit |
d3f73b |
output will indicate a
|
|
Packit |
d3f73b |
.B xdp
|
|
Packit |
d3f73b |
flag for the networking device. If the driver does not have native XDP
|
|
Packit |
d3f73b |
support, the kernel will fall back to a slower, driver-independent "generic"
|
|
Packit |
d3f73b |
XDP variant. The
|
|
Packit |
d3f73b |
.B ip link
|
|
Packit |
d3f73b |
output will in that case indicate
|
|
Packit |
d3f73b |
.B xdpgeneric
|
|
Packit |
d3f73b |
instead of
|
|
Packit |
d3f73b |
.B xdp
|
|
Packit |
d3f73b |
only. If the driver does have native XDP support, but the program is
|
|
Packit |
d3f73b |
loaded under
|
|
Packit |
d3f73b |
.B xdpgeneric object "|" pinned
|
|
Packit |
d3f73b |
then the kernel will use the generic XDP variant instead of the native one.
|
|
Packit |
d3f73b |
.B xdpdrv
|
|
Packit |
d3f73b |
has the opposite effect of requestsing that the automatic fallback to the
|
|
Packit |
d3f73b |
generic XDP variant be disabled and in case driver is not XDP-capable error
|
|
Packit |
d3f73b |
should be returned.
|
|
Packit |
d3f73b |
.B xdpdrv
|
|
Packit |
d3f73b |
also disables hardware offloads.
|
|
Packit |
d3f73b |
.B xdpoffload
|
|
Packit |
d3f73b |
in ip link output indicates that the program has been offloaded to hardware
|
|
Packit |
d3f73b |
and can also be used to request the "offload" mode, much like
|
|
Packit |
d3f73b |
.B xdpgeneric
|
|
Packit |
d3f73b |
it forces program to be installed specifically in HW/FW of the apater.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B off
|
|
Packit |
d3f73b |
(or
|
|
Packit |
d3f73b |
.B none
|
|
Packit |
d3f73b |
)
|
|
Packit |
d3f73b |
- Detaches any currently attached XDP/BPF program from the given device.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI object " FILE "
|
|
Packit |
d3f73b |
- Attaches a XDP/BPF program to the given device. The
|
|
Packit |
d3f73b |
.I FILE
|
|
Packit |
d3f73b |
points to a BPF ELF file (f.e. generated by LLVM) that contains the BPF
|
|
Packit |
d3f73b |
program code, map specifications, etc. If a XDP/BPF program is already
|
|
Packit |
d3f73b |
attached to the given device, an error will be thrown. If no XDP/BPF
|
|
Packit |
d3f73b |
program is currently attached, the device supports XDP and the program
|
|
Packit |
d3f73b |
from the BPF ELF file passes the kernel verifier, then it will be attached
|
|
Packit |
d3f73b |
to the device. If the option
|
|
Packit |
d3f73b |
.I -force
|
|
Packit |
d3f73b |
is passed to
|
|
Packit |
d3f73b |
.B ip
|
|
Packit |
d3f73b |
then any prior attached XDP/BPF program will be atomically overridden and
|
|
Packit |
d3f73b |
no error will be thrown in this case. If no
|
|
Packit |
d3f73b |
.B section
|
|
Packit |
d3f73b |
option is passed, then the default section name ("prog") will be assumed,
|
|
Packit |
d3f73b |
otherwise the provided section name will be used. If no
|
|
Packit |
d3f73b |
.B verbose
|
|
Packit |
d3f73b |
option is passed, then a verifier log will only be dumped on load error.
|
|
Packit |
d3f73b |
See also
|
|
Packit |
d3f73b |
.B EXAMPLES
|
|
Packit |
d3f73b |
section for usage examples.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI section " NAME "
|
|
Packit |
d3f73b |
- Specifies a section name that contains the BPF program code. If no section
|
|
Packit |
d3f73b |
name is specified, the default one ("prog") will be used. This option is
|
|
Packit |
d3f73b |
to be passed with the
|
|
Packit |
d3f73b |
.B object
|
|
Packit |
d3f73b |
option.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI verbose
|
|
Packit |
d3f73b |
- Act in verbose mode. For example, even in case of success, this will
|
|
Packit |
d3f73b |
print the verifier log in case a program was loaded from a BPF ELF file.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI pinned " FILE "
|
|
Packit |
d3f73b |
- Attaches a XDP/BPF program to the given device. The
|
|
Packit |
d3f73b |
.I FILE
|
|
Packit |
d3f73b |
points to an already pinned BPF program in the BPF file system. The option
|
|
Packit |
d3f73b |
.B section
|
|
Packit |
d3f73b |
doesn't apply here, but otherwise semantics are the same as with the option
|
|
Packit |
d3f73b |
.B object
|
|
Packit |
d3f73b |
described already.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI master " DEVICE"
|
|
Packit |
d3f73b |
set master device of the device (enslave device).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI nomaster
|
|
Packit |
d3f73b |
unset master device of the device (release device).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI addrgenmode " eui64|none|stable_secret|random"
|
|
Packit |
d3f73b |
set the IPv6 address generation mode
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I eui64
|
|
Packit |
d3f73b |
- use a Modified EUI-64 format interface identifier
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I none
|
|
Packit |
d3f73b |
- disable automatic address generation
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I stable_secret
|
|
Packit |
d3f73b |
- generate the interface identifier based on a preset
|
|
Packit |
d3f73b |
/proc/sys/net/ipv6/conf/{default,DEVICE}/stable_secret
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.I random
|
|
Packit |
d3f73b |
- like stable_secret, but auto-generate a new random secret if none is set
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BR "link-netnsid "
|
|
Packit |
d3f73b |
set peer netnsid for a cross-netns interface
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI type " ETYPE TYPE_ARGS"
|
|
Packit |
d3f73b |
Change type-specific settings. For a list of supported types and arguments refer
|
|
Packit |
d3f73b |
to the description of
|
|
Packit |
d3f73b |
.B "ip link add"
|
|
Packit |
d3f73b |
above. In addition to that, it is possible to manipulate settings to slave
|
|
Packit |
d3f73b |
devices:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
Bridge Slave Support
|
|
Packit |
d3f73b |
For a link with master
|
|
Packit |
d3f73b |
.B bridge
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B "ip link set type bridge_slave"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.B fdb_flush
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI state " STATE"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI priority " PRIO"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI cost " COST"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR guard " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR hairpin " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR fastleave " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR root_block " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR learning " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR flood " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR proxy_arp " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR proxy_arp_wifi " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BI mcast_router " MULTICAST_ROUTER"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR mcast_fast_leave " { " on " | " off "}"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR mcast_flood " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR mcast_to_unicast " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR group_fwd_mask " MASK"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR neigh_suppress " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR vlan_tunnel " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR isolated " { " on " | " off " }"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR backup_port " DEVICE"
|
|
Packit |
d3f73b |
] [
|
|
Packit |
d3f73b |
.BR nobackup_port " ]"
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B fdb_flush
|
|
Packit |
d3f73b |
- flush bridge slave's fdb dynamic entries.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI state " STATE"
|
|
Packit |
d3f73b |
- Set port state.
|
|
Packit |
d3f73b |
.I STATE
|
|
Packit |
d3f73b |
is a number representing the following states:
|
|
Packit |
d3f73b |
.BR 0 " (disabled),"
|
|
Packit |
d3f73b |
.BR 1 " (listening),"
|
|
Packit |
d3f73b |
.BR 2 " (learning),"
|
|
Packit |
d3f73b |
.BR 3 " (forwarding),"
|
|
Packit |
d3f73b |
.BR 4 " (blocking)."
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI priority " PRIO"
|
|
Packit |
d3f73b |
- set port priority (allowed values are between 0 and 63, inclusively).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI cost " COST"
|
|
Packit |
d3f73b |
- set port cost (allowed values are between 1 and 65535, inclusively).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR guard " { " on " | " off " }"
|
|
Packit |
d3f73b |
- block incoming BPDU packets on this port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR hairpin " { " on " | " off " }"
|
|
Packit |
d3f73b |
- enable hairpin mode on this port. This will allow incoming packets on this
|
|
Packit |
d3f73b |
port to be reflected back.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR fastleave " { " on " | " off " }"
|
|
Packit |
d3f73b |
- enable multicast fast leave on this port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR root_block " { " on " | " off " }"
|
|
Packit |
d3f73b |
- block this port from becoming the bridge's root port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR learning " { " on " | " off " }"
|
|
Packit |
d3f73b |
- allow MAC address learning on this port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR flood " { " on " | " off " }"
|
|
Packit |
d3f73b |
- open the flood gates on this port, i.e. forward all unicast frames to this
|
|
Packit |
d3f73b |
port also. Requires
|
|
Packit |
d3f73b |
.BR proxy_arp " and " proxy_arp_wifi
|
|
Packit |
d3f73b |
to be turned off.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR proxy_arp " { " on " | " off " }"
|
|
Packit |
d3f73b |
- enable proxy ARP on this port.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR proxy_arp_wifi " { " on " | " off " }"
|
|
Packit |
d3f73b |
- enable proxy ARP on this port which meets extended requirements by IEEE
|
|
Packit |
d3f73b |
802.11 and Hotspot 2.0 specifications.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI mcast_router " MULTICAST_ROUTER"
|
|
Packit |
d3f73b |
- configure this port for having multicast routers attached. A port with a
|
|
Packit |
d3f73b |
multicast router will receive all multicast traffic.
|
|
Packit |
d3f73b |
.I MULTICAST_ROUTER
|
|
Packit |
d3f73b |
may be either
|
|
Packit |
d3f73b |
.B 0
|
|
Packit |
d3f73b |
to disable multicast routers on this port,
|
|
Packit |
d3f73b |
.B 1
|
|
Packit |
d3f73b |
to let the system detect the presence of of routers (this is the default),
|
|
Packit |
d3f73b |
.B 2
|
|
Packit |
d3f73b |
to permanently enable multicast traffic forwarding on this port or
|
|
Packit |
d3f73b |
.B 3
|
|
Packit |
d3f73b |
to enable multicast routers temporarily on this port, not depending on incoming
|
|
Packit |
d3f73b |
queries.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR mcast_fast_leave " { " on " | " off " }"
|
|
Packit |
d3f73b |
- this is a synonym to the
|
|
Packit |
d3f73b |
.B fastleave
|
|
Packit |
d3f73b |
option above.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR mcast_flood " { " on " | " off " }"
|
|
Packit |
d3f73b |
- controls whether a given port will flood multicast traffic for which
|
|
Packit |
d3f73b |
there is no MDB entry.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR mcast_to_unicast " { " on " | " off " }"
|
|
Packit |
d3f73b |
- controls whether a given port will replicate packets using unicast
|
|
Packit |
d3f73b |
instead of multicast. By default this flag is off.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI group_fwd_mask " MASK "
|
|
Packit |
d3f73b |
- set the group forward mask. This is the bitmask that is applied to
|
|
Packit |
d3f73b |
decide whether to forward incoming frames destined to link-local
|
|
Packit |
d3f73b |
addresses, ie addresses of the form 01:80:C2:00:00:0X (defaults to
|
|
Packit |
d3f73b |
0, ie the bridge does not forward any link-local frames coming on
|
|
Packit |
d3f73b |
this port).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR neigh_suppress " { " on " | " off " }"
|
|
Packit |
d3f73b |
- controls whether neigh discovery (arp and nd) proxy and suppression
|
|
Packit |
d3f73b |
is enabled on the port. By default this flag is off.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR vlan_tunnel " { " on " | " off " }"
|
|
Packit |
d3f73b |
- controls whether vlan to tunnel mapping is enabled on the port. By
|
|
Packit |
d3f73b |
default this flag is off.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BI backup_port " DEVICE"
|
|
Packit |
d3f73b |
- if the port loses carrier all traffic will be redirected to the
|
|
Packit |
d3f73b |
configured backup port
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.BR nobackup_port
|
|
Packit |
d3f73b |
- removes the currently configured backup port
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
Bonding Slave Support
|
|
Packit |
d3f73b |
For a link with master
|
|
Packit |
d3f73b |
.B bond
|
|
Packit |
d3f73b |
the following additional arguments are supported:
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B "ip link set type bond_slave"
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI queue_id " ID"
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.BI queue_id " ID"
|
|
Packit |
d3f73b |
- set the slave's queue ID (a 16bit unsigned value).
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
MACVLAN and MACVTAP Support
|
|
Packit |
d3f73b |
Modify list of allowed macaddr for link in source mode.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.B "ip link set type { macvlan | macvap } "
|
|
Packit |
d3f73b |
[
|
|
Packit |
d3f73b |
.BI macaddr " " "" COMMAND " " MACADDR " ..."
|
|
Packit |
d3f73b |
]
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Commands:
|
|
Packit |
d3f73b |
.in +8
|
|
Packit |
d3f73b |
.B add
|
|
Packit |
d3f73b |
- add MACADDR to allowed list
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B set
|
|
Packit |
d3f73b |
- replace allowed list
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B del
|
|
Packit |
d3f73b |
- remove MACADDR from allowed list
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.B flush
|
|
Packit |
d3f73b |
- flush whole allowed list
|
|
Packit |
d3f73b |
.sp
|
|
Packit |
d3f73b |
.in -8
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link show - display device attributes
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI dev " NAME " (default)
|
|
Packit |
d3f73b |
.I NAME
|
|
Packit |
d3f73b |
specifies the network device to show.
|
|
Packit |
d3f73b |
If this argument is omitted all devices in the default group are listed.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI group " GROUP "
|
|
Packit |
d3f73b |
.I GROUP
|
|
Packit |
d3f73b |
specifies what group of devices to show.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.B up
|
|
Packit |
d3f73b |
only display running interfaces.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI master " DEVICE "
|
|
Packit |
d3f73b |
.I DEVICE
|
|
Packit |
d3f73b |
specifies the master device which enslaves devices to show.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI vrf " NAME "
|
|
Packit |
d3f73b |
.I NAME
|
|
Packit |
d3f73b |
speficies the VRF which enslaves devices to show.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI type " TYPE "
|
|
Packit |
d3f73b |
.I TYPE
|
|
Packit |
d3f73b |
specifies the type of devices to show.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
Note that the type name is not checked against the list of supported types -
|
|
Packit |
d3f73b |
instead it is sent as-is to the kernel. Later it is used to filter the returned
|
|
Packit |
d3f73b |
interface list by comparing it with the relevant attribute in case the kernel
|
|
Packit |
d3f73b |
didn't filter already. Therefore any string is accepted, but may lead to empty
|
|
Packit |
d3f73b |
output.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link xstats - display extended statistics
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI type " TYPE "
|
|
Packit |
d3f73b |
.I TYPE
|
|
Packit |
d3f73b |
specifies the type of devices to display extended statistics for.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link afstats - display address-family specific statistics
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.TP
|
|
Packit |
d3f73b |
.BI dev " DEVICE "
|
|
Packit |
d3f73b |
.I DEVICE
|
|
Packit |
d3f73b |
specifies the device to display address-family statistics for.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS ip link help - display help
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
.I "TYPE"
|
|
Packit |
d3f73b |
specifies which help of link type to dislpay.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SS
|
|
Packit |
d3f73b |
.I GROUP
|
|
Packit |
d3f73b |
may be a number or a string from the file
|
|
Packit |
d3f73b |
.B @SYSCONFDIR@/group
|
|
Packit |
d3f73b |
which can be manually filled.
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SH "EXAMPLES"
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link show
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Shows the state of all network interfaces on the system.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link show type bridge
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Shows the bridge devices.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link show type vlan
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Shows the vlan devices.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link show master br0
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Shows devices enslaved by br0
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link set dev ppp0 mtu 1400
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Change the MTU the ppp0 device.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link add link eth0 name eth0.10 type vlan id 10
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Creates a new vlan device eth0.10 on device eth0.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link delete dev eth0.10
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Removes vlan device.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
ip link help gre
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Display help for the gre link type.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link add name tun1 type ipip remote 192.168.1.1
|
|
Packit |
d3f73b |
local 192.168.1.2 ttl 225 encap gue encap-sport auto
|
|
Packit |
d3f73b |
encap-dport 5555 encap-csum encap-remcsum
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Creates an IPIP that is encapsulated with Generic UDP Encapsulation,
|
|
Packit |
d3f73b |
and the outer UDP checksum and remote checksum offload are enabled.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link set dev eth0 xdp obj prog.o
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Attaches a XDP/BPF program to device eth0, where the program is
|
|
Packit |
d3f73b |
located in prog.o, section "prog" (default section). In case a
|
|
Packit |
d3f73b |
XDP/BPF program is already attached, throw an error.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip -force link set dev eth0 xdp obj prog.o sec foo
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Attaches a XDP/BPF program to device eth0, where the program is
|
|
Packit |
d3f73b |
located in prog.o, section "foo". In case a XDP/BPF program is
|
|
Packit |
d3f73b |
already attached, it will be overridden by the new one.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip -force link set dev eth0 xdp pinned /sys/fs/bpf/foo
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Attaches a XDP/BPF program to device eth0, where the program was
|
|
Packit |
d3f73b |
previously pinned as an object node into BPF file system under
|
|
Packit |
d3f73b |
name foo.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link set dev eth0 xdp off
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
If a XDP/BPF program is attached on device eth0, detach it and
|
|
Packit |
d3f73b |
effectively turn off XDP for device eth0.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link add link wpan0 lowpan0 type lowpan
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Creates a 6LoWPAN interface named lowpan0 on the underlying
|
|
Packit |
d3f73b |
IEEE 802.15.4 device wpan0.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
.PP
|
|
Packit |
d3f73b |
ip link add dev ip6erspan11 type ip6erspan seq key 102
|
|
Packit |
d3f73b |
local fc00:100::2 remote fc00:100::1
|
|
Packit |
d3f73b |
erspan_ver 2 erspan_dir ingress erspan_hwid 17
|
|
Packit |
d3f73b |
.RS 4
|
|
Packit |
d3f73b |
Creates a IP6ERSPAN version 2 interface named ip6erspan00.
|
|
Packit |
d3f73b |
.RE
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SH SEE ALSO
|
|
Packit |
d3f73b |
.br
|
|
Packit |
d3f73b |
.BR ip (8),
|
|
Packit |
d3f73b |
.BR ip-netns (8),
|
|
Packit |
d3f73b |
.BR ethtool (8),
|
|
Packit |
d3f73b |
.BR iptables (8)
|
|
Packit |
d3f73b |
|
|
Packit |
d3f73b |
.SH AUTHOR
|
|
Packit |
d3f73b |
Original Manpage by Michail Litvak <mci@owl.openwall.com>
|