/usr/share/doc/initscripts-9.03.40/sysconfig.txt
/etc/sysconfig/network-scripts/ifcfg-<interface-name>:<alias-name>:
The first defines an interface, and the second contains
only the parts of the definition that are different in a
"alias" (or alternative) interface. For example, the
network numbers might be different, but everything else
might be the same, so only the network numbers would be
in the alias file, but all the device information would
be in the base ifcfg file.
The items that can be defined in an ifcfg file depend on the
interface type. The really obvious ones I‘m not going to
bother to define; you can figure out what "IPADDR" is, I
think... :-)
Base items:
NAME=<friendly name for users to see>
Most important for PPP. Only used in front ends.
DEVICE=<name of physical device (except dynamically-allocated PPP
devices where it is the "logical name")>
IPADDRn=
PREFIXn=
Network prefix. It is used for all configurations except aliases
and ippp devices. It takes precedence over NETMASK when both
PREFIX and NETMASK are set.
NETMASKn=
Subnet mask; just useful for aliases and ippp devices. For all other
configurations, use PREFIX instead.
The "n" is expected to be consecutive positive integers starting from 0.
It can be omitted if there is only one address being configured.
GATEWAY=
METRIC=
Metric for the default route using GATEWAY
ONBOOT=yes|no (not valid for alias devices; use ONPARENT)
HOTPLUG=yes|no
USERCTL=yes|no
BOOTPROTO=none|bootp|dhcp
VLAN=yes|no
MTU=
Default MTU for this device
WINDOW=
Default window for routes from this device
PEERDNS=yes|no
modify /etc/resolv.conf if peer uses msdns extension (PPP only) or
DNS{1,2} are set, or if using dhclient. default to "yes".
DNS{1,2}=<ip address>
provide DNS addresses that are dropped into the resolv.conf
file if PEERDNS is not set to "no".
SCOPE=
Set to "scope SCOPE-ID" to set a non-default scope. Supported only on
Ethernet with BOOTPROTO=none.
SRCADDR=
use the specified source address for outgoing packets
HWADDR=
ethernet hardware address for this device
MACADDR=
Set the hardware address for this device to this.
Use of this in conjunction with HWADDR= may cause
unintended behavior.
NOZEROCONF=
Set this to not set a route for dynamic link-local addresses
over this device.
PERSISTENT_DHCLIENT=yes|no|1|0
Without this option, or if it is ‘no‘/‘0‘, and BOOTPROTO=dhcp,
dhclient is run for the interface in "one-shot" mode; if the
dhcp server does not respond for a configurable timeout, then
dhclient exits and the interface is not brought up -
the ‘-1‘ option is given to dhclient.
If PERSISTENT_DHCLIENT=yes, then dhclient will keep on trying
to contact the dhcp server when it does not respond - no ‘-1‘
option is given to dhclient. Note: this disables the automatic
checking for the presence of a link before starting dhclient.
DHCPRELEASE=yes|no|1|0
With this option set to ‘yes‘ (1), when a dhcp configured
interface is brought down with ‘ifdown‘, the lease will be
released. Otherwise, leases are not released.
DHCP_HOSTNAME=<name>
Sends the specified hostname to the DHCP server.
DHCLIENT_IGNORE_GATEWAY=yes|no|1|0
If set to ‘yes‘, it will cause dhclient-script to ignore any $GATEWAY
setting that may be in the ifcfg file for this interface.
Otherwise, the dhclient session which obtains an ip-address
on the same subnet as $GATEWAY will set the default route
to be via $GATEWAY, and no other dhclient session will set
the default route.
DHCLIENTARGS=
Any additional arguments to dhclient.
NM_CONTROLLED=yes|no
If set to ‘no‘, NetworkManager will ignore this connection/device.
Defaults to ‘yes‘.
ARPCHECKn=yes|no
If set to ‘no‘, ifup will not try to determine, if requested ip address
is used by other machine in network.
Defaults to ‘yes‘.
IPV4_FAILURE_FATAL=yes|no
If set to yes, ifup-eth will end immediately after ipv4 dhclient fails.
Defaults to ‘no‘.
If BOOTPROTO is not "none", then the only other item that
must be set is the DEVICE item; all the rest will be determined
by the boot protocol. No "dummy" entries need to be created.
Base items being deprecated:
NETWORK=<will be calculated automatically with ipcalc>
BROADCAST=<will be calculated automatically with ipcalc>
Alias specific items:
ONPARENT=yes|no
Whether to bring up the device when the parent device is brought
up.
Default: yes
IPv6-only items for real interfaces:
IPV6INIT=yes|no
Enable or disable IPv6 configuration for this interface
Default: no
IPV6FORWARDING=yes|no
Enable or disable global forwarding of incoming IPv6 packets
Note: Obsolete in interface specification!
Default: no
IPV6ADDR=<IPv6 address>[/<prefix length>]
Specify a primary static IPv6 address here
Optional, if normal host and a router advertisement daemon is on local link
Required, if node is a router and interface should route packets
Note: if prefix length is omitted, 64 is assumed
Example:
IPV6ADDR="3ffe:ffff:0:5::1"
IPV6ADDR="3ffe:ffff:0:1::1/128"
IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
A list of secondary IPv6 addresses (e.g. useful for virtual hosting)
Example:
IPV6ADDR_SECONDARIES="3ffe:ffff:0:1::10 3ffe:ffff:0:2::11/128"
IPV6_MTU=<MTU of link> (optional)
Optional, dedicated MTU of this link
Note: Must be greater or equal to 1280.
Example:
IPV6_MTU="1280"
IPV6_PRIVACY=rfc3041
Enables RFC 3041 IPv6 privacy support if set.
Default: RFC 3041 support disabled
Special configuration options for multi-homed hosts etc.
IPV6_ROUTER=yes|no: Controls IPv6 autoconfiguration
IPV6_AUTOCONF=yes|no: Controls IPv6 autoconfiguration
Defaults:
Global IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes
Global IPV6FORWARDING=no: IPV6_AUTOCONF=yes
Optional settings for a 6to4 tunnel
IPV6TO4INIT=yes|no
Enable or disable 6to4 tunneling setup
Default: no
IPV6TO4_RELAY=<IPv4 address> (optional)
IPv4 address of the remote 6to4 relay
Note: if this is omitted, ::192.88.99.1 (the anycast relay address) is chosen
IPV6TO4_IPV4ADDR=<IPv6 address>[/<prefix length>] (optional)
Overwrite local IPv4 address which is accessible from the Internet
(optional, in case of static IPv4-NAT behind a router or other special scenarios)
IPV6TO4_MTU=<MTU for IPv6> (optional)
Controls IPv6 MTU for the 6to4 tunnel
Note: Must be greater or equal to 1280
Example:
IPV6TO4_MTU="1280"
Default: MTU of master device - 20
IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ..." (optional)
A list of routing tokens to setup proper IPv6 interfaces on the LAN
Example:
IPV6TO4_ROUTING="eth0-:0004::1/64 eth1-:0005::1/64"
Will create one address per eth0 and eth1, taking given SLA
Optional settings for a 6to4 tunnel or a ppp link
IPV6_CONTROL_RADVD=yes|no (optional)
Enable signaling radvd that the 6to4 prefix has been changed or a
preconfigured dynamic device is up or down
Default: no
IPv6-only items for static tunnel interface:
Interface name: sitX (X => 1)
IPV6INIT=yes|no
Enable or disable IPv6 configuration for this interface
Default: no
IPV6TUNNELIPV4=<IPv4 address>
Specify IPv4 address of a foreign IPv6-in-IPv4 tunnel endpoint
Example:
IPV6TUNNELIPV4="1.2.3.4"
IPV6TUNNELIPV4LOCAL=<IPv4 address>
Specify local IPv4 address of tunnel, useful on interfaces with multiple IPv4 addresses
IPV6ADDR=<IPv6 address>[/<prefix length>] (optional)
local IPv6 address of a numbered tunnel
IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
A list of secondary IPv6 addresses (example see above)
IPV6_MTU=<MTU of tunnel> (optional)
Optional, dedicated MTU of this tunnel
Note: Must be greater or equal to 1280
Example:
IPV6_MTU="1280"
IPv6-only option to enable DHCPv6 client:
DHCPV6C=yes|no
This will enable the DHCPv6 features of dhclient to be run for the interface.
See man dhclient(8) and dhclient.conf(5).
DHCPV6C_OPTIONS=...
This will pass given arguments to the DHCPv6 client. For example,
"-S" option will request network information (e.g., DNS addresses)
only, not IPv6 addresses.
Ethernet-only items:
ARP=yes|no (adds ‘arp‘ flag to ifconfig, for use with the
ethertap device)
LINKDELAY=<time in seconds>
Time that the system should pause after the specific interface is
enabled. This may be useful if one interface is connected to a
switch which has spanning tree enabled and must wait for STP to
converge before the interface should be considered usable.
BRIDGE=<br* device>
If set, the ethernet device is not assigned an address. It is added to
the specified bridge device instead.
Deprecated, but supported:
ETHTOOL_OPTS=...
Any device-specific options supported by ethtool. For example,
if you wanted to force 100Mb full duplex:
ETHTOOL_OPTS="speed 100 duplex full autoneg off"
Note that changing speed or duplex settings almost always
requires disabling autonegotiation with ‘autoneg off‘.
Long term, this should be done by sysadmin-written udev rules.
No longer supported:
PROMISC=yes|no (enable or disable promiscuous mode)
ALLMULTI=yes|no (enable or disable all-multicast mode)
To properly set these, use the packet socket interface.
Ethernet 802.1q VLAN items:
DEVICE=eth0.42
Initscripts use the device name for VLAN devices.
Example: eth0.42 for vlan 42 on device eth0.
Valid VLAN ID range is 0-4095. Most ethernet switches reserve
VLAN ID 1 to be used as management VLAN; starting from VLAN
ID 2 is recommended.
REORDER_HDR=yes|no
When enabled the VLAN device will move the ethernet header
around to make it look exactly like a real ethernet device.
This may help programs such as ISC dhcpd which read the raw
ethernet packet and make assumptions about the location of
bytes. If you don‘t need it turn it off because there
is a small performance penalty. Default is on.
PPP/SLIP items:
PERSIST=yes|no
MODEMPORT=<device, say /dev/modem>
LINESPEED=<speed, say 115200>
DEFABORT=yes|no (tells netcfg whether or not to put default
abort strings in when creating/editing the chat script and/or
dip script for this interface)
(meaningless with WVDIALSECT)
PPP-specific items
WVDIALSECT=<list of sections from wvdial.conf to use>
If this variable is set, then the chat script (if it
exists) is ignored, and wvdial is used to open the
PPP connection.
DEFROUTE=yes|no (set this interface as default route? yes is default)
DEBUG=yes|no (defaults to yes)
turns on/off pppd and chat (if used) debugging.
ESCAPECHARS=yes|no (simplified interface here doesn‘t let people
specify which characters to escape; almost everyone can use
asyncmap 00000000 anyway, and they can set PPPOPTIONS to
asyncmap foobar if they want to set options perfectly)
HARDFLOWCTL=yes|no (yes implies "modem crtscts" options)
PPPOPTIONS=<arbitrary option string; is placed last on the
command line, so it can override other options like asyncmap
that were specified differently>
PAPNAME=<"name $PAPNAME" on pppd command line> (note that
the "remotename" option is always specified as the logical
ppp device name, like "ppp0" (which might perhaps be the
physical device ppp1 if some other ppp device was brought
up earlier...), which makes it easy to manage pap/chap
files -- name/password pairs are associated with the
logical ppp device name so that they can be managed
together.
REMIP=<remote ip address, normally unspecified>
MTU=
MRU=
DISCONNECTTIMEOUT=<number of seconds, default currently 5>
(time to wait before re-establishing the connection after
a successfully-connected session terminates before attempting
to establish a new connection.)
RETRYTIMEOUT=<number of seconds, default currently 60>
(time to wait before re-attempting to establish a connection
after a previous attempt fails.)
RETRYCONNECT=yes|no (defaults to yes)
If this is yes, then we will re-run pppd if it exits with a
"connect script failed" status. Otherwise, only one attempt
is made to bring up the connection. Note that some connect
scripts (for example, wvdial) might do their own retries (such
as BUSY or NO DIALTONE conditions).
MAXFAIL=<number>
If this is set, this will cause ppp-watch to exit after
the specified number of attempts.
DEMAND=yes|no
Switches on demand-dialing mode using pppd‘s "demand" option.
IDLETIMEOUT=600
The amount of time the link needs to be inactive before pppd will
bring it down automatically.
BOOTTIMEOUT=30
The amount of time to wait at boot before giving up on the
connection.
IPPP-specific items (ISDN)
PROVIDER=<ProviderName>
USER=<Login>
PASSWORD=<Password>
ENCAP=[syncppp|]
DIALMODE=[manual|auto]
SECURE=off|on
MSN=<>
PHONE_IN=<Callback.Number>
AREACODE=<>
REGIONCODE=<>
PHONE_OUT=<PhoneNumber>
BUNDLING=off|on
HUPTIMEOUT=<number>
DNS1=<PrimaryDNS>
DNS2=<SecondaryDNS>
DOMAIN=""
LAYER=[HDLC|]
CALLBACK=off|on
CHARGEHUP=<number>
CHARGEINT=<number>
CBHUP=<number>
CBDELAY=<number>
DIALMAX=<number>
AUTH=[+pap] [-chap]
IHUP=<>
DELDEFAULTROUTE=[enabled|disabled]
CBCP=off|on
VJ=off|on
VJCCOMP=off|on
AC=off|on
PC=off|on
BSDCOMP=off|on
CCP=off|on
SLAVE_DEVICE=ippp[0-9]
ippp0 items being deprecated:
BOOT=[on|off] will be converted to ONBOOT=[yes|no] by netconf
LOCAL_IP= will be converted to IPADDR by netconf
REMOTE_IP= will be converted to GATEWAY by netconf
Wireless-specific items:
See iwconfig(8) for additional information.
MODE=[Ad-Hoc|Managed|Master|Repeater|Secondary|Monitor|Auto]
ESSID=
Defaults to "any".
NWID=
FREQ=
Ignored if MODE=Managed.
CHANNEL=
Ignored if MODE=Managed.
SENS=<sensitivity threshold>
RATE=
KEY{1,2,3,4}=<WEP key with the given index>
DEFAULTKEY=<default key index>
KEY=<default WEP key>
SECURITYMODE=[on|off|open|restricted]
RTS=[auto|fixed|off|<rts threshold>]
FRAG=[off|<fragmentation threshold>]
IWCONFIG=<other iwconfig(8) options>
SPYIPS=<list of IP addresses to monitor for link quality>
IWPRIV=<iwpriv(8) commands>
Bonding-specific items
SLAVE=yes
Specifies device as a slave
MASTER=bondXX
Specifies master device to bind to
BONDING_OPTS=
A space-separated list of options to the bonding driver for this
interface, such as:
"mode=active-backup arp_interval=60 arp_ip_target=192.168.1.1,192.168.1.2"
Tunnel-specific items:
TYPE=GRE|IPIP
MY_INNER_IPADDR=local IP address of the tunnel interface
PEER_OUTER_IPADDR=IP address of the remote tunnel endpoint
MY_OUTER_IPADDR=IP address of the local tunnel endpoint
If unspecified, an IP address is selected automatically for outgoing
tunnel packets, and incoming tunnel packets are accepted on all local
IP addresses.
PEER_INNER_IPADDR=IP address of the remote end of the tunnel interface
If this is specified, a route to PEER_INNER_IPADDR through the tunnel
is added automatically.
TTL=TTL value for tunnel packets
Default is to use the TTL of the packet transported through the tunnel
Bridge-specific items:
TYPE=Bridge
STP=off|on (see ‘brctl stp‘)
DELAY=forward delay time in seconds (see ‘brctl setfd‘)
BRIDGING_OPTS=
A space-separated list of bridging options for either the bridge
device, or the port device, such as:
BRIDGING_OPTS="hello_time=200 priority=65535"
for bridge devices, or
BRIDGING_OPTS="hairpin_mode=1"
for port devices.
TUN/TAP-specific items:
OWNER=<owner of the device>