Differences

This shows you the differences between two versions of the page.

--- documentation:configuration:config_files:config_network [2015/05/09 21:48]
admin
+++ documentation:configuration:config_files:config_network [2018/05/24 09:05] (current)
@@ Line 6: / Line 6: @@
 ^ Type ^ Description ^
-| [[config_tpl#some section|Some section]] | section |
+| [[config_network#globals|globals]] | global network settings |
-| [[config_tpl#some other section|Some other section]] | other section |
+| [[config_network#switch|switch]] | switch-port configuration |
+| [[config_network#switch_vlan|switch_vlan]] | switch-vlan configuration |
+| [[config_network#interface|interface]] | logical networks |
+| [[config_network#route|route]] | static routing |
+| [[config_network#rule|rule]] | policy based routing |
-==== some section ====
+==== globals ====
+global network settings
+=== Options ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''ula_prefix'' | IPv6-prefix | no | //(none)// | IPv6 [[wp>Unique local address|ULA]]-Prefix for this device |
+==== switch ====
+switch configuration
 == Options ==
 ^ Name ^ Type ^ Required ^ Default ^ Description ^
-|  |  |  |  |  |
+| ''enable'' | boolean | yes |  |  |
-|  |  |  |  |  |
+| ''enable_vlan'' | boolean | no |  |  |
-|  |  |  |  |  |
+| ''reset'' | boolean | no | | |
-|  |  |  |  |  |
-|  |  |  |  |  |
-==== some other section ====
+==== switch_vlan ====
+switch_vlan configuration
 == Options ==
 ^ Name ^ Type ^ Required ^ Default ^ Description ^
-|  |  |  |  |  |
+| ''device'' | string | yes |  |  |
-|  |  |  |  |  |
+| ''vlan'' | integer | yes |  |  |
-|  |  |  |  |  |
+==== interface ====
+logical networks
+=== Options ===
+^ Protocol ^ Description ^ Program ^
+| ''static'' | Static configuration with fixed address and netmask |  ''ip''/''ifconfig''  |
+| ''dhcp'' | Address and netmask are assigned by DHCP |  ''udhcpc'' (Busybox)  |
+| ''dhcpv6'' | Address and netmask are assigned by DHCPv6 |  ''odhcpc6c''  |
+| ''ppp'' | PPP protocol - dialup modem connections |  ''pppd''  |
+| ''pppoe'' | PPP over Ethernet - DSL broadband connection |  ''pppd'' + ''plugin rp-pppoe.so''  |
+| ''pppoa'' | PPP over ATM - DSL connection using a builtin modem |  ''pppd'' + plugin ...  |
+| ''3g'' | CDMA, UMTS or GPRS connection using an AT-style 3G modem |  ''comgt''  |
+| ''qmi'' | USB modems using QMI protocol |  ''uqmi''  |
+| ''ncm'' | USB modems using NCM protocol |  ''comgt-ncm'' + ?  |
+| ''hnet'' | Self-managing home network (HNCP) |  ''hnet-full''  |
+| ''pptp'' | Connection via PPtP VPN |  ?  |
+| ''6in4'' | IPv6-in-IPv4 tunnel forSuppresses DHCP-assigned default gateway if set to 0.0.0.0 use with Tunnel Brokers like HE.net |  ?  |
+| ''aiccu'' | Anything-in-anything tunnel  |  ''aiccu''  |
+| ''6to4'' | Stateless IPv6 over IPv4 transport |  ?  |
+| ''6rd'' | IPv6 rapid deployment |  ''6rd''  |
+| ''dslite'' | Dual-Stack Lite |  ''ds-lite''  |
+| ''l2tp'' | PPP over L2TP Pseudowire Tunnel |  ''xl2tpd''  |
+| ''relay'' | relayd pseudo-bridge |  ''relayd''  |
+| ''gre'', ''gretap'' | GRE over IPv4 |  ''gre'' + ''kmod-gre''  |
+| ''grev6'', ''grev6tap'' | GRE over IPv6 |  ''gre'' + ''kmod-gre6''  |
+| ''none'' | Unspecified protocol, therefore all the other interface settings will be ignored (like disabling the configuration) |  -  |
+=== protocol options ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''ifname'' | interface name(s) | yes(*) | //(none)// | Physical interface name to assign to this section, list of interfaces if type bridge is set.\\ //(*) This option may be empty or missing if only a wireless interface references this network or if the protocol type is ''pptp'', ''pppoa'' or ''6in4''// |
+| ''type'' | string | no | //(none)// | If set to "bridge", a bridge containing the given //ifnames// is created\\ [[https://forum.openwrt.org/viewtopic.php?pid=203784#p203784|Wlan interface names are not predictable, therfore you cannot reference them directly in the network config]] |
+| ''stp'' | boolean | no | ''0'' | Only valid for type "bridge", enables the Spanning Tree Protocol |
+| ''bridge_empty'' | boolean | no | ''0'' | Only valid for type "bridge", enables creating empty bridges |
+| ''igmp_snooping'' | boolean | no | ''1'' | Only valid for type "bridge", sets the multicast_snooping kernel setting for a bridge |
+| ''macaddr'' | mac address | no | //(none)// | Override MAC address of this interface |
+| ''mtu'' | number | no | //(none)// | Override the default MTU on this interface |
+| ''auto'' | boolean | no | ''0'' for proto ''none'', else ''1'' | Specifies whether to bring up interface on boot |
+| ''ipv6'' | boolean | no | ''1'' | Specifies whether to enable (1) or disable (0) IPv6 on this interface (Barrier Breaker and later only) |
+| ''accept_ra'' | boolean | no | ''1'' for protocol ''dhcp'', else ''0'' | **deprecated:** Specifies whether to accept IPv6 Router Advertisements on this interface (On Attitude Adjustment 12.09 and earlier versions) |
+| ''send_rs'' | boolean | no | ''1'' for protocol ''static'', else ''0'' | **deprecated:** Specifies whether to send Router Solicitations on this interface (On Attitude Adjustment 12.09 and earlier versions) |
+| ''enabled'' | boolean | no | ''1''  | enable or disable the interface section |
+=== Protocol "static" ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''ipaddr'' | ip address | yes, if no ''ip6addr'' is set. | //(none)// | IP address. [openwrt 12.09] It could be a list of ipaddr , that is: several ipaddresses will be assigned to the interface. If, instead of a list, several ipaddr are specified as options, only the last is applied. |
+| ''netmask'' | netmask | yes, if no ''ip6addr'' is set | //(none)// | Netmask |
+| ''gateway'' | ip address | no | //(none)// | Default gateway |
+| ''broadcast'' | ip address | no | //(none)// | Broadcast address (autogenerated if not set) |
+| ''ip6addr'' | ipv6 address | yes, if no ''ipaddr'' is set | //(none)// | Assign given IPv6 address to this interface (CIDR notation) |
+| ''ip6gw'' | ipv6 address | no | //(none)// | Assign given IPv6 default gateway to this interface |
+| ''ip6assign'' | prefix length | no | //(none)// | Delegate a [[[[network6#downstream.configuration.for.lan-interfaces|prefix of given length]] to this interface (Barrier Breaker and later only) |
+| ''ip6hint'' | prefix hint (hex) | no | //(none)// | [[network6#downstream.configuration.for.lan-interfaces|Hint the subprefix-ID]] that should be delegeted as hexadecimal number (Barrier Breaker and later only) |
+| ''ip6prefix'' | ipv6 prefix | no | //(none)// | IPv6 prefix routed here for use on other interfaces (Barrier Breaker and later only) |
+| ''ip6class'' | list of strings | no | //(none)// | Define the IPv6 prefix-classes this interface will accept |
+| ''dns'' | list of ip addresses | no | //(none)// | DNS server(s) |
+| ''dns_search'' | list of domain names | no | //(none)// | Search list for host-name lookup |
+| ''metric'' | integer | no | ''0'' | Specifies the default route metric to use |
+| ''force_link'' | integer | no | ''0'' | Specifies whether ip address, route, and optionally gateway are assigned to the interface regardless of the link being active ('1') or only after the link has become active ('0'); in trunk since the introduction of netifd; in case of a wireless interface the default is '1' for an AP and '0' for a STA. |
+=== Protocol "dhcp" ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''<del>gateway</del>'' | <del>string</del> | <del>no</del> | <del>//(none)//</del> | <del>Suppresses DHCP-assigned default gateway if set to 0.0.0.0</del> \\ (deprecated) |
+| ''broadcast'' | boolean | no | ''0'' | Enable the broadcast flag in DHCP requests, required for certain ISPs, e.g. Charter with DOCSIS 3 |
+| ''hostname'' | string | no | //(none)// | Hostname to include in DHCP requests |
+| ''clientid'' | string | no | //system default// | Override client identifier in DHCP requests |
+| ''vendorclass'' | string | no | //system default// | Override the vendor class in DHCP requests |
+| ''dns'' | list of ip addresses | no | //(none)// | Supplement DHCP-assigned DNS server(s), or use only these if peerdns is 0 |
+| ''peerdns'' | boolean | no | ''1'' | Use DHCP-provided DNS server(s) |
+| ''defaultroute'' | boolean | no | ''1'' | Whether to create a default route via the received gateway |
+| ''metric'' | integer | no | ''0'' | Specifies the default route metric to use |
+| ''reqopts'' | list of strings | no | //(none)// | Specifies a list of additional DHCP options to request |
+| ''iface6rd'' | logical interface | no | //(none)// | Logical interface template for auto-configuration of 6rd |
+=== Protocol "pppoe" (PPP over Ethernet) ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''username'' | string | no(?) | //(none)// | Username for PAP/CHAP authentication |
+| ''password'' | string | no(?) | //(none)// | Password for PAP/CHAP authentication |
+| ''ac'' | string | no | //(none)// | Specifies the Access Concentrator to connect to. If unset, ''pppd'' uses the first discovered one |
+| ''service'' | string | no | //(none)// | Specifies the Service Name to connect to, If unset, ''pppd'' uses the first discovered one |
+| ''connect'' | file path | no | //(none)// | Path to custom PPP connect script |
+| ''disconnect'' | file path | no | //(none)// | Path to custom PPP disconnect script |
+| ''keepalive'' | number | no | //(none)// | Number of connection failures before reconnect |
+| ''demand'' | number | no | //(none)// | Number of seconds to wait before closing the connection due to inactivity |
+| ''defaultroute'' | boolean | no | ''1'' | Replace existing default route on PPP connect |
+| ''peerdns'' | boolean | no | ''1'' | Use peer-assigned DNS server(s) |
+| ''dns'' | list of ip addresses | no | //(none)// | Override peer-assigned DNS server(s) |
+| ''ipv6'' | boolean | no | ''0'' | Enable IPv6 on the PPP link |
+| ''pppd_options'' | string | no | //(none)// | Additional command line arguments to pass to the pppd daemon |
+=== Protocol "pptp" (Point-to-Point Tunneling Protocol) ===
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''server'' | ip address | yes | //(none)// | Remote PPtP server |
+| ''username'' | string | no(?) | //(none)// | Username for PAP/CHAP authentication |
+| ''password'' | string | no(?) | //(none)// | Password for PAP/CHAP authentication |
+| ''buffering'' | boolean | no | ''1'' | <del>Enables buffering and reordering of packets, ''0'' disables it (''--nobuffer'')</del> pptp buffering option removed in r32482 |
+| ''keepalive'' | integer | no | ? | Number of attempts to reconnect |
+| ''defaultroute'' | boolean | no | ''1'' | Whether to create a default route over the tunnel  |
+| ''peerdns'' | boolean | no | ''1'' |Use PPTP-provided DNS server(s) |
+| ''delegate'' | boolean | no | ?  |Use builtin IPv6-management |
+| ''iface'' | string | no(?) | ''pptp-<vpn>'' | Name of the physical interface. Defaults to ''pptp-<vpn>'' no matter what you use |
+=== Protocol "l2tp" (PPP over L2TP Pseudowire Tunnel) ===
+Most options are similar to protocol "ppp".
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''server'' | string | yes | //(none)// | L2TP server to connect to (hostname or IP address) |
+| ''username'' | string | no | //(none)// | Username for PAP/CHAP authentication |
+| ''password'' | string | yes if ''username'' is provided | //(none)// | Password for PAP/CHAP authentication |
+| ''ipv6'' | bool | no | 0 | Enable IPv6 on the PPP link (IPv6CP) |
+| ''mtu'' | int | no | ''pppd'' default | Maximum Transmit/Receive Unit, in bytes |
+| ''keepalive'' | string | no | //(none)// | Number of unanswered echo requests before considering the peer dead. The interval between echo requests is 5 seconds. |
+| ''pppd_options'' | string | no | //(none)// | Additional options to pass to ''pppd'' |
+The name of the physical interface will be "l2tp-<logical interface name>".
+''forward_dhcp'' | boolean | no | ''1'' | Enables forwarding of DHCP requests and responses, ''0'' disables it |
+===== route =====
+Static //IPv4 routes// can be defined on specific interfaces using ''route'' sections. As for //aliases//, multiple sections can be attached to an interface.
+A minimal example looks like this:
+<code>config 'route' 'name_your_route'
+        option 'interface' 'lan'
+        option 'target' '172.16.123.0'
+        option 'netmask' '255.255.255.0'
+        option 'gateway' '172.16.123.100'</code>
+  * ''lan'' is the //logical interface name// of the parent interface
+  * ''172.16.123.0'' is the //network address// of the route
+  * ''255.255.255.0'' specifies the //route netmask//
+Legal options for //IPv4 routes// are:
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''interface'' | string | yes | //(none)// | Specifies the //logical interface name// of the parent (or master) interface this route belongs to; must refer to one of the defined ''interface'' sections |
+| ''target'' | ip address | yes | //(none)// | Network address |
+| ''netmask'' | netmask | no | //(none)// | Route netmask. If omitted, ''255.255.255.255'' is assumed which makes ''target'' a //host address// |
+| ''gateway'' | ip address | no | //(none)// | Network gateway. If omitted, the ''gateway'' from the parent interface is taken; if set to ''0.0.0.0'' no gateway will be specified for the route |
+| ''metric'' | number | no | ''0'' | Specifies the //route metric// to use |
+| ''mtu'' | number | no | //interface MTU// | Defines a specific MTU for this route |
+| ''table'' | routing table | no | //(none)// | Defines the table ID to use for the route. The ID can be either a numeric table index ranging from 0 to 65535 or a symbolic alias declared in /etc/iproute2/rt_tables. The special aliases local (255), main (254) and default (253) are recognized as well |
+| ''source'' | ip address | no | //(none)// | The preferred source address when sending to destinations covered by the target |
+| ''onlink'' | boolean | no | ''0'' | When enabled gateway is on link even if the gateway does not match any interface prefix (Barrier Breaker and later only) |
+| ''type'' | string | no | ''unicast'' | One of the types outlined in the Routing Types table below (Barrier Breaker and later only) |
+To disable a route quickly, the option ''enabled'' is not available. Just rewrite the ''route'' config section as ''disabled_route'' like:
+<file>
+config 'disabled_route' 'name_your_route'
+        ...lines...
+</file>
+and it will be recognized by the uci parser but not applied by the ''/etc/init.d/network'' script.
+===== rule =====
+Rules are required to define policy based routing.
+Example:
+<code>
+config rule
+	option mark   '0xFF'
+        option in     'lan'
+	option dest   '172.16.0.0/16'
+	option lookup '100'
+</code>
+The options below are defined for //IP rule// (''rule'' and ''rule6'') sections:
+^ Name ^ Type ^ Required ^ Default ^ Description ^
+| ''in'' | string | no | //(none)// | Specifies the incoming //logical interface name// |
+| ''out'' | string | no | //(none)// | Specifies the outgoing //logical interface name// |
+| ''src'' | ip subnet | no | //(none)// | Specifies the source subnet to match (CIDR notation) |
+| ''dest'' | ip subnet | no | //(none)// | Specifies the destination subnet to match (CIDR notation) |
+| ''tos'' | integer | no | //(none)// | Specifies the TOS value to match in IP headers |
+| ''mark'' | mark/mask | no | //(none)// | Specifies the //fwmark// and optionally its mask to match, e.g. ''0xFF'' to match mark 255 or ''0x0/0x1'' to match any even mark value |
+| ''invert'' | boolean | no | ''0'' | If set to ''1'', the meaning of the match options is inverted |
+| ''priority'' | integer | no | //(incrementing)// | Controls the order of the IP rules, by default the priority is auto-assigned so that they are processed in the same order they're declared in the config file |
+| ''lookup'' | routing table | at least one of | //(none)// | The rule target is a table lookup, the ID can be either a numeric table index ranging from ''0'' to ''65535'' or a symbolic alias declared in ''/etc/iproute2/rt_tables''. The special aliases ''local'' (''255''), ''main'' (''254'') and ''default'' (''253'') are recognized as well |
+| ''goto'' | rule index | ::: | ::: | The rule target is a jump to another rule specified by its ''priority'' value |
+| ''action'' | string | ::: | ::: | The rule target is one of the routing actions outlined in the table below |
+=== Routing Actions ===
+^ Action ^ Description ^
+| ''prohibit'' | When reaching the rule, respond with //ICMP prohibited// messages and abort route lookup |
+| ''unreachable'' | When reaching the rule, respond with //ICMP unreachable// messages and abort route lookup |
+| ''blackhole'' | When reaching the rule, drop packet and abort route lookup |
+| ''throw'' | Stop lookup in the current routing table even if a default route exists |

Differences

Page Tools