The main network configuration file
global network settings
Name | Type | Required | Default | Description |
---|---|---|---|---|
ula_prefix | IPv6-prefix | no | (none) | IPv6 ULA-Prefix for this device |
switch configuration
Name | Type | Required | Default | Description |
---|---|---|---|---|
enable | boolean | yes | ||
enable_vlan | boolean | no | ||
reset | boolean | no |
switch_vlan configuration
Name | Type | Required | Default | Description |
---|---|---|---|---|
device | string | yes | ||
vlan | integer | yes |
logical networks
Protocol | Description | Program |
---|---|---|
static | Static configuration with fixed address and netmask | ip /ifconfig |
dhcp | Address and netmask are assigned by DHCP | udhcpc (Busybox) |
dhcpv6 | Address and netmask are assigned by DHCPv6 | odhcpc6c |
ppp | PPP protocol - dialup modem connections | pppd |
pppoe | PPP over Ethernet - DSL broadband connection | pppd + plugin rp-pppoe.so |
pppoa | PPP over ATM - DSL connection using a builtin modem | pppd + plugin … |
3g | CDMA, UMTS or GPRS connection using an AT-style 3G modem | comgt |
qmi | USB modems using QMI protocol | uqmi |
ncm | USB modems using NCM protocol | comgt-ncm + ? |
hnet | Self-managing home network (HNCP) | hnet-full |
pptp | Connection via PPtP VPN | ? |
6in4 | IPv6-in-IPv4 tunnel forSuppresses DHCP-assigned default gateway if set to 0.0.0.0 use with Tunnel Brokers like HE.net | ? |
aiccu | Anything-in-anything tunnel | aiccu |
6to4 | Stateless IPv6 over IPv4 transport | ? |
6rd | IPv6 rapid deployment | 6rd |
dslite | Dual-Stack Lite | ds-lite |
l2tp | PPP over L2TP Pseudowire Tunnel | xl2tpd |
relay | relayd pseudo-bridge | relayd |
gre , gretap | GRE over IPv4 | gre + kmod-gre |
grev6 , grev6tap | GRE over IPv6 | gre + kmod-gre6 |
none | Unspecified protocol, therefore all the other interface settings will be ignored (like disabling the configuration) | - |
Name | Type | Required | Default | Description |
---|---|---|---|---|
ifname | interface name(s) | yes(*) | (none) | Physical interface name to assign to this section, list of interfaces if type bridge is set. (*) This option may be empty or missing if only a wireless interface references this network or if the protocol type is pptp , pppoa or 6in4 |
type | string | no | (none) | If set to “bridge”, a bridge containing the given ifnames is created Wlan interface names are not predictable, therfore you cannot reference them directly in the network config |
stp | boolean | no | 0 | Only valid for type “bridge”, enables the Spanning Tree Protocol |
bridge_empty | boolean | no | 0 | Only valid for type “bridge”, enables creating empty bridges |
igmp_snooping | boolean | no | 1 | Only valid for type “bridge”, sets the multicast_snooping kernel setting for a bridge |
macaddr | mac address | no | (none) | Override MAC address of this interface |
mtu | number | no | (none) | Override the default MTU on this interface |
auto | boolean | no | 0 for proto none , else 1 | Specifies whether to bring up interface on boot |
ipv6 | boolean | no | 1 | Specifies whether to enable (1) or disable (0) IPv6 on this interface (Barrier Breaker and later only) |
accept_ra | boolean | no | 1 for protocol dhcp , else 0 | deprecated: Specifies whether to accept IPv6 Router Advertisements on this interface (On Attitude Adjustment 12.09 and earlier versions) |
send_rs | boolean | no | 1 for protocol static , else 0 | deprecated: Specifies whether to send Router Solicitations on this interface (On Attitude Adjustment 12.09 and earlier versions) |
enabled | boolean | no | 1 | enable or disable the interface section |
Name | Type | Required | Default | Description |
---|---|---|---|---|
ipaddr | ip address | yes, if no ip6addr is set. | (none) | IP address. [openwrt 12.09] It could be a list of ipaddr , that is: several ipaddresses will be assigned to the interface. If, instead of a list, several ipaddr are specified as options, only the last is applied. |
netmask | netmask | yes, if no ip6addr is set | (none) | Netmask |
gateway | ip address | no | (none) | Default gateway |
broadcast | ip address | no | (none) | Broadcast address (autogenerated if not set) |
ip6addr | ipv6 address | yes, if no ipaddr is set | (none) | Assign given IPv6 address to this interface (CIDR notation) |
ip6gw | ipv6 address | no | (none) | Assign given IPv6 default gateway to this interface |
ip6assign | prefix length | no | (none) | Delegate a prefix of given length to this interface (Barrier Breaker and later only) |
ip6hint | prefix hint (hex) | no | (none) | Hint the subprefix-ID that should be delegeted as hexadecimal number (Barrier Breaker and later only) |
ip6prefix | ipv6 prefix | no | (none) | IPv6 prefix routed here for use on other interfaces (Barrier Breaker and later only) |
ip6class | list of strings | no | (none) | Define the IPv6 prefix-classes this interface will accept |
dns | list of ip addresses | no | (none) | DNS server(s) |
dns_search | list of domain names | no | (none) | Search list for host-name lookup |
metric | integer | no | 0 | Specifies the default route metric to use |
force_link | integer | no | 0 | Specifies whether ip address, route, and optionally gateway are assigned to the interface regardless of the link being active ('1') or only after the link has become active ('0'); in trunk since the introduction of netifd; in case of a wireless interface the default is '1' for an AP and '0' for a STA. |
Name | Type | Required | Default | Description |
---|---|---|---|---|
| | | | (deprecated) |
broadcast | boolean | no | 0 | Enable the broadcast flag in DHCP requests, required for certain ISPs, e.g. Charter with DOCSIS 3 |
hostname | string | no | (none) | Hostname to include in DHCP requests |
clientid | string | no | system default | Override client identifier in DHCP requests |
vendorclass | string | no | system default | Override the vendor class in DHCP requests |
dns | list of ip addresses | no | (none) | Supplement DHCP-assigned DNS server(s), or use only these if peerdns is 0 |
peerdns | boolean | no | 1 | Use DHCP-provided DNS server(s) |
defaultroute | boolean | no | 1 | Whether to create a default route via the received gateway |
metric | integer | no | 0 | Specifies the default route metric to use |
reqopts | list of strings | no | (none) | Specifies a list of additional DHCP options to request |
iface6rd | logical interface | no | (none) | Logical interface template for auto-configuration of 6rd |
Name | Type | Required | Default | Description |
---|---|---|---|---|
username | string | no(?) | (none) | Username for PAP/CHAP authentication |
password | string | no(?) | (none) | Password for PAP/CHAP authentication |
ac | string | no | (none) | Specifies the Access Concentrator to connect to. If unset, pppd uses the first discovered one |
service | string | no | (none) | Specifies the Service Name to connect to, If unset, pppd uses the first discovered one |
connect | file path | no | (none) | Path to custom PPP connect script |
disconnect | file path | no | (none) | Path to custom PPP disconnect script |
keepalive | number | no | (none) | Number of connection failures before reconnect |
demand | number | no | (none) | Number of seconds to wait before closing the connection due to inactivity |
defaultroute | boolean | no | 1 | Replace existing default route on PPP connect |
peerdns | boolean | no | 1 | Use peer-assigned DNS server(s) |
dns | list of ip addresses | no | (none) | Override peer-assigned DNS server(s) |
ipv6 | boolean | no | 0 | Enable IPv6 on the PPP link |
pppd_options | string | no | (none) | Additional command line arguments to pass to the pppd daemon |
Name | Type | Required | Default | Description |
---|---|---|---|---|
server | ip address | yes | (none) | Remote PPtP server |
username | string | no(?) | (none) | Username for PAP/CHAP authentication |
password | string | no(?) | (none) | Password for PAP/CHAP authentication |
buffering | boolean | no | 1 | 0 disables it (–nobuffer ) |
keepalive | integer | no | ? | Number of attempts to reconnect |
defaultroute | boolean | no | 1 | Whether to create a default route over the tunnel |
peerdns | boolean | no | 1 | Use PPTP-provided DNS server(s) |
delegate | boolean | no | ? | Use builtin IPv6-management |
iface | string | no(?) | pptp-<vpn> | Name of the physical interface. Defaults to pptp-<vpn> no matter what you use |
Most options are similar to protocol “ppp”.
Name | Type | Required | Default | Description |
---|---|---|---|---|
server | string | yes | (none) | L2TP server to connect to (hostname or IP address) |
username | string | no | (none) | Username for PAP/CHAP authentication |
password | string | yes if username is provided | (none) | Password for PAP/CHAP authentication |
ipv6 | bool | no | 0 | Enable IPv6 on the PPP link (IPv6CP) |
mtu | int | no | pppd default | Maximum Transmit/Receive Unit, in bytes |
keepalive | string | no | (none) | Number of unanswered echo requests before considering the peer dead. The interval between echo requests is 5 seconds. |
pppd_options | string | no | (none) | Additional options to pass to pppd |
The name of the physical interface will be “l2tp-<logical interface name>”.
forward_dhcp
| boolean | no | 1
| Enables forwarding of DHCP requests and responses, 0
disables it |
Static IPv4 routes can be defined on specific interfaces using route
sections. As for aliases, multiple sections can be attached to an interface.
A minimal example looks like this:
config 'route' 'name_your_route' option 'interface' 'lan' option 'target' '172.16.123.0' option 'netmask' '255.255.255.0' option 'gateway' '172.16.123.100'
lan
is the logical interface name of the parent interface172.16.123.0
is the network address of the route255.255.255.0
specifies the route netmaskLegal options for IPv4 routes are:
Name | Type | Required | Default | Description |
---|---|---|---|---|
interface | string | yes | (none) | Specifies the logical interface name of the parent (or master) interface this route belongs to; must refer to one of the defined interface sections |
target | ip address | yes | (none) | Network address |
netmask | netmask | no | (none) | Route netmask. If omitted, 255.255.255.255 is assumed which makes target a host address |
gateway | ip address | no | (none) | Network gateway. If omitted, the gateway from the parent interface is taken; if set to 0.0.0.0 no gateway will be specified for the route |
metric | number | no | 0 | Specifies the route metric to use |
mtu | number | no | interface MTU | Defines a specific MTU for this route |
table | routing table | no | (none) | Defines the table ID to use for the route. The ID can be either a numeric table index ranging from 0 to 65535 or a symbolic alias declared in /etc/iproute2/rt_tables. The special aliases local (255), main (254) and default (253) are recognized as well |
source | ip address | no | (none) | The preferred source address when sending to destinations covered by the target |
onlink | boolean | no | 0 | When enabled gateway is on link even if the gateway does not match any interface prefix (Barrier Breaker and later only) |
type | string | no | unicast | One of the types outlined in the Routing Types table below (Barrier Breaker and later only) |
To disable a route quickly, the option enabled
is not available. Just rewrite the route
config section as disabled_route
like:
config 'disabled_route' 'name_your_route' ...lines...
and it will be recognized by the uci parser but not applied by the /etc/init.d/network
script.
Rules are required to define policy based routing.
Example:
config rule option mark '0xFF' option in 'lan' option dest '172.16.0.0/16' option lookup '100'
The options below are defined for IP rule (rule
and rule6
) sections:
Name | Type | Required | Default | Description |
---|---|---|---|---|
in | string | no | (none) | Specifies the incoming logical interface name |
out | string | no | (none) | Specifies the outgoing logical interface name |
src | ip subnet | no | (none) | Specifies the source subnet to match (CIDR notation) |
dest | ip subnet | no | (none) | Specifies the destination subnet to match (CIDR notation) |
tos | integer | no | (none) | Specifies the TOS value to match in IP headers |
mark | mark/mask | no | (none) | Specifies the fwmark and optionally its mask to match, e.g. 0xFF to match mark 255 or 0x0/0x1 to match any even mark value |
invert | boolean | no | 0 | If set to 1 , the meaning of the match options is inverted |
priority | integer | no | (incrementing) | Controls the order of the IP rules, by default the priority is auto-assigned so that they are processed in the same order they're declared in the config file |
lookup | routing table | at least one of | (none) | The rule target is a table lookup, the ID can be either a numeric table index ranging from 0 to 65535 or a symbolic alias declared in /etc/iproute2/rt_tables . The special aliases local (255 ), main (254 ) and default (253 ) are recognized as well |
goto | rule index | The rule target is a jump to another rule specified by its priority value |
||
action | string | The rule target is one of the routing actions outlined in the table below |
Action | Description |
---|---|
prohibit | When reaching the rule, respond with ICMP prohibited messages and abort route lookup |
unreachable | When reaching the rule, respond with ICMP unreachable messages and abort route lookup |
blackhole | When reaching the rule, drop packet and abort route lookup |
throw | Stop lookup in the current routing table even if a default route exists |