1. Manuals
  2. Tumbleweed
  3. wicked
  4. ifcfg(5)

Scroll to navigation

IFCFG(5) Network configuration IFCFG(5)

NAME

ifcfg - common elements of network interface configuration

SYNOPSIS

/etc/sysconfig/network/ifcfg-*

FILENAMES AND EXTENSIONS

Configuration filenames that contain the following blacklisted extensions, will be ignored by wicked:

~ .old .bak .orig .scpmbackup .rpmnew .rpmsave .rpmorig

VARIABLES

The following is a list of variables that can be put in the configuration file, with an example in parentheses. * marks the default. For the meaning of suffix, see the section Multiple addresses.

Choose when the interface should be set up.

Interface will be set up if ifup is called manually

Interface will be set up as soon as it is available (and service network was started). This either happens at boot time when network is starting or via hotplug when a interface is added to the system (by adding a device or loading a driver). To be backward compliant onboot, on and boot are aliases for auto.

Interface will be activated when it is available. Use instead of auto for devices which may be missed, such as bonding slaves, usb or other plugable hardware.

Nearly like auto, but interfaces with this startmode will be not shut down by default. Use this mode when you use a root filesystem via network or want to avoid interface shutdown. To force a nfsroot interface down, use either wicked ifdown --force device-down <interface> or ifdown <interface> -o force.

Will never be activated.
Hotplugging is available only when wickedd-nanny is enabled.
See wicked-config(5) for instructions how to enable it.
Without nanny, an ifup call performs a one-shot setup (obsolete).

Setup protocol. If this variable is empty or missing, it defaults to static.

A fixed addresses specified in IPADDR and related variables and static routing as defined in routes and ifroute-<interface name> files is configured. This option does not prevent from getting dynamic IPv6 addresses and routes from Router Advertisements, though.

A DHCPv4, DHCPv6 or both clients are started to configure the interface. The setup is considered successful, when at least one dhcp client configures the interface. Additionally to the dhcp client configuration, fixed addresses and routes may also be specified.
Note:
Static routes take precedence over routes provides by dhcp or other leases, that is, a DHCPv4 route with same metrics as a static one will be skipped. DHCPv6 does not support routing options, an IPv6 Router Advertisement (RA) is applying them.

may be used for a IPv4 zeroconf setup or as fall back to autoip if dhcp4 fails.

can be used to request to wait for IPv6 autoconfig (in kernel), usable also in combination with dhcp or static modes, e.g. dhcp+auto6 to request dhcp4, dhcp6 and also wait for auto6. Default is to not wait, but apply the RDNSS and DNSSL resolver (lowerered prio in netconfig) settings when they arrive.
6to4

to set up IPv6 tunnel interfaces running in the "6to4" mode.
See also ifcfg-tunnel(5) manual page.

none
For bonding slaves, to skip the link-layer (MTU, MAC address) setup and IP configuration of the interface in ifup. The bonding script handles the link layer settings itself at enslave time. See also ifcfg-bonding(5) man page. Note: Do not use to just skip the IP setup -- use BOOTPROTO="static" without any addresses in the IPADDR variables (or routes) instead.

IP address, either IPv4 or IPv6. You may add /<prefixlength> in both cases and omit NETMASK or PREFIXLEN. If you need more then one IP address use this variable multiple times with different suffixes added. See section Multiple addresses below. If no address is configured the interface will just be activated (UP).
Number of bits in IPADDR that form the network address. Alternatively add a prefix-length to IPADDR or use NETMASK. PREFIXLEN is preferred over NETMASK. but highest priority has a prefix-length added to the IP address in the variable IPADDR.
Network mask. Alternatively add a prefix-length to IPADDR or use PREFIXLEN. This variable is ignored if a prefix-length is specified.
Network broadcast. If you omit the broadcast address, it will be calculated from netmask or prefix-length. You can affect the calculation with the variable DEFAULT_BROADCAST in /etc/sysconfig/network/config. See the description there.
The remote IP address of a point to point connection
Each address may be tagged with a label string. In order to preserve compatibility with Linux-2.0 net aliases, this string must coincide with the name of the device or must be prefixed with the device name followed by colon. This may be useful with Multiple addresses (see below).
The scope of the area where this address is valid. The available scopes are listed in file /etc/iproute2/rt_scopes. Predefined scope values are:
global - the address is globally valid.

site - (IPv6 only) the address is site local, i.e. it is valid inside this site.

link - the address is link local, i.e. it is valid only on this device.

host - the address is valid only inside this host.

Set the maximum transfer unit (MTU) for this interface.
Set an individual link layer address (MAC address).
While a working and connected link is required for further setup steps, such as bridge STP, link authentication, auto configuration of the IP address (dhcp, ...) and duplicate IP address detection (enabled by default), it is required in some cases to continue the setup without to consider the link detection (carrier), e.g. in well-known static "router like" setups. You may want to disable also the duplicate IP detection (see CHECK_DUPLICATE_IP and the ifsysctl(5) manual page).

This variable permits to configure the waiting for link-detection. When set to yes, wicked waits until link has been detected before it continues with further steps. When set to no, wicked is permitted to continue earlier, without to wait for a link in a usable state. When set to auto (default), an internal logic is applied causing to use a "no" for tun/tap devices (which require a driver daemon) and for bridges with enabled STP and without any ports. In other cases, it behaves as "yes".

This variable configures how long to wait for the link detection (by the kernel / network card driver) in seconds. Default is 0, causing to not wait at all if link is not required or wait infinitely when link is required, so nanny can continue with the setup when the cable gets connected to the network card after a while. Note, that an ifup call has it's own, independent timeout, which is limitting the maximal time ifup waits before it has to report (see global network/config WAIT_FOR_INTERFACES variable).
If this variable is not empty, wicked will set these options on an ethernet type device. See the ethtool (8) manual page for available options. If the option string starts with a '-' (e.g. '-K iface rx on'), then the second word in the string will be replaced with the current interface name. Otherwise (e.g. 'autoneg off speed 10') ifup prepends '-s <interface>'. The optional variable suffix can be used to apply every setting separately, e.g.:


ETHTOOL_OPTIONS='autoneg off speed 10'
ETHTOOL_OPTIONS_gro='-K iface gro off'
ETHTOOL_OPTIONS_lro='-K iface lro off'

The NIC driver may reject settings as not supported (e.g. '-K iface lro off') or also when the link is not up.

Permits to specify how long to wait for IPv6 autoconfig when requested with the auto6 or +auto6 tag in BOOTPROTO variable. When unset, a wicked built-in default defer time (10sec) is used.
Permits to specify whether to update dns (rdnss,dnssl) from IPv6 RA when requested with the auto6 or +auto6 tag in BOOTPROTO variable. Without an explicit request, the dns settings are updated, when the autoconf sysctl (address autoconf) is enabled.
Whether to detect duplicate IPv4 addresses or not. Set to "no" to disable it. By default, duplicate IPv4 addresses checks are enabled on ARP capable devices.

The IPv6 duplicate address detection is configured by the accept_dad sysctl variable (see ifsysctl(5)). Note, that duplicate addresses check requires a connected/usable link and skipped when it is not (see LINK_REQUIRED).

When a new IPv4 has been configured on an interface, send a gratuitous ARP to inform the receivers about the address (trigger arp cache update). Default is to send gratuitous ARP, when also duplicate IPv4 address check is enabled and the check were successful.
Using this variable you may set up different tunnels. See ifcfg-tunnel (5) manual page.
Needed only for virtual LANs (802.1q). It contains the real interface to use for the vlan interface. See ifcfg-vlan (5) manual page.
These are used to set up interface bonding. See ifcfg-bonding (5) manual page.
is used to set the infiniband transport mode of an IB device to one of "connected" (CM - Connected Mode) or "datagram" (UD - Unreliable Datagram).
is used to enable/disable user-multicast for an IB device by setting to "allowed" or "disallowed".
In case ifup cannot determine the interface type properly, you may specify the correct type in this variable to override the behavior and force ifup to handle the interface differently than it detected from system or config. Please always open a bug report when it is required to set the type.
Here you can hook a script (better: an executable) or systemd service name to perform individual actions before/after the interface is set up or before/after the interface is set down by specifying the script names in a space separated list.

Wicked supports multiple schemes for the scripts.


- systemd:<service.name>" scheme:
Permits a service name or template which will be completed with interface name as its argument, e.g.:

POST_UP_SCRIPT="systemd:my-eth-post-up.service"
POST_UP_SCRIPT="systemd:my-post-up@.service"

On pre-up and post-up actions the service is started, on pre-down and post-down the service will be stopped.

The service should make use of an device service unit binding BindsTo=sys-subsystem-net-devices-%i.device so it gets stopped, when the device suddenly disappears. See also man systemd.unit(5).

- wicked:<script> scheme:
Permits to specify a script or script directory either as an absolute path or relative to the /etc/wicked/scripts directory, e.g.:

POST_UP_SCRIPT="wicked:post-up"
POST_UP_SCRIPT="wicked:post-up/script1"
POST_UP_SCRIPT="wicked:/path/to/my-script-or-dir"

The script is executed as "$script $action $interface" with the pre-up, post-up, pre-down, post-down actions corresponding with the variable name.

- compat:suse:<script> scheme:
Permits to specify a script or script directory either as an absolute path or relative to the /etc/sysconfig/network/scripts directory, e.g.:

POST_UP_SCRIPT="compat:suse:post-up-script1"
POST_UP_SCRIPT="compat:suse:/path/to/my-script-or-dir"

The script is executed as "$script $interface $interface -o $action" with the pre-up, post-up, pre-down, post-down actions corresponding with the variable name.

Note: The script scheme must be specified as a safeguard to not execute any old and not-compatible sysconfig ifup scripts (which may depend on different files, internal state, ...). Once the script has been adopted, prepend e.g. the "compat:suse:" scheme to activate.

Permits to disable the execution of the firewall extension scripts hooks on ifup and ifdown of an interface.
The per-interface firewall zone name passed to the firewall extension script to assign the interface to the specified zone instead of a default one (when supported by the firewall framework, e.g. firewalld).

GENERAL VARIABLES

/etc/sysconfig/network/config
Specifies how log ifup waits for interfaces in seconds by default before it stops processing and reports the status reached until then. This time may be automatically increased in case of involved devices which require more time, such as bridge with enabled STP (IEEE defaults may need up to 50 seconds additionally).

This setting can be overridden by the wicked ifup --timeout option (see the wicked(8) manual page). Note: nanny is not affected by this ifup reporting timeout and continues to setup in background until ifdown or reboot.

netconfig(8) manual page.

/etc/sysconfig/network/dhcp
manual page.

EXAMPLES

You can extend the variable name IPADDR by any string you like. For example IPADDR_1, IPADDR-FOO or IPADDRxxx. Use these variables for your IP addresses. If you need some additional parameters for these addresses, then just add the same extension to these variable names: BROADCAST, NETMASK, PREFIXLEN, REMOTE_IPADDR, LABEL, SCOPE, IP_OPTIONS.

Example:
IPADDR_AAA=1.2.3.4
NETMASK_AAA=255.0.0.0
BROADCAST_AAA=1.2.3.55
IPADDR_BBB=10.10.2.3/16
LABEL_BBB=BBB
and so on ...

COPYRIGHT

Copyright (C) 2004-2015 SUSE LINUX GmbH, Nuernberg, Germany.

BUGS

Please report bugs at <http://bugs.opensuse.org>

AUTHOR

Michal Ludvig
Karol Mroz
Pawel Wieczorkiewicz
Marius Tomaschewski

SEE ALSO

ifcfg-dhcp(5), ifcfg-bonding(5), ifcfg-tunnel(5), ifcfg-vlan(5), ifcfg-wireless(5), wicked(8).

August 2004 wicked