MAN page from Fedora 27 wicked-0.6.43-


Section: Network configuration (5)
Updated: August 2004



ifcfg - common elements of network interface configuration 




Configuration filenames that contain the following blacklistedextensions, will be ignored by wicked:
~ .old .bak .orig .scpmbackup .rpmnew .rpmsave .rpmorig


The following is a list of variables that can be put in theconfiguration file, with anexample in parentheses.* marks the default.For the meaning ofsuffix,see the sectionMultiple addresses.

STARTMODE {manual*|auto|nfsroot|hotplug|off}
Choose when the interface should be set up.

Interface will be set up if ifup is called manually

Interface will be set up as soon as it is available (and service network wasstarted). This either happens at boot time when network is starting or viahotplug when a interface is added to the system (by adding a device or loadinga driver). To be backward compliantonboot,onandbootare aliases forauto.

Interface will be activated when it is available. Use instead of auto fordevices which may be missed, such as bonding slaves, usb or other plugablehardware.

Nearly likeauto,but interfaces with this startmode will be not shut down by default.Use this mode when you use a root filesystem via network or want to avoidinterface shutdown. To force a nfsroot interface down, use eitherwicked ifdown --force device-down <interface> orifdown <interface> -o force.

Will never be activated.
Hotplugging is available only when wickedd-nanny is enabled.
See wicked-config(5) for instructions how to enable it.
Without nanny, an ifup call preforms a one-shot setup.

BOOTPROTO {static*|dhcp|dhcp4|dhcp6|autoip|dhcp+autoip|auto6|6to4|none}
Setup protocol. If this variable is empty or missing, it defaults to static.

A fixed addresses specified in IPADDR and related variables and staticrouting as defined in routes and ifroute-<interface name>files is configured. This option does not prevent from getting dynamic IPv6addresses and routes from Router Advertisements, though.
dhcp4 dhcp6 dhcp

A DHCPv4, DHCPv6 or both clients are started to configure the interface. Thesetup is considered successful, when at least one dhcp client configures theinterface. Additionally to the dhcp client configuration, fixed addresses androutes may also be specified.
Static routes take precedence over routes provides by dhcp or other leases,that is, a DHCPv4 route with same metrics as a static one will be skipped.DHCPv6 does not support routing options, an IPv6 Router Advertisement (RA)is applying them.
auto4 autoip dhcp+autoip

may be used for a IPv4 zeroconf setup or as fall back to autoip if dhcp4 fails.

can be used to request to wait for IPv6 autoconfig (in kernel), usable alsoin combination with dhcp or static modes, e.g. dhcp+auto6 to request dhcp4,dhcp6 and also wait for auto6. Default is to not wait, but apply the RDNSSand DNSSL resolver (lowerered prio in netconfig) settings when they arrive.

to set upIPv6tunnel interfaces running in the "6to4" mode.
See also ifcfg-tunnel(5) manual page.

For bonding slaves, to skip the link-layer (MTU, MAC address) setup and IPconfiguration of the interface in ifup. The bonding script handles the linklayer settings itself at enslave time. See also ifcfg-bonding(5) man page.Note: Do not use to just skip the IP setup -- use BOOTPROTO="static"without any addresses in the IPADDR variables (or routes) instead.

IPADDR[suffix] {IPv4|IPv6}[/PREFIXLEN]
IP address, either IPv4 or IPv6. You may add/<prefixlength>in both cases and omitNETMASKorPREFIXLEN.If you need more then one IP address use this variable multiple times withdifferent suffixes added. See sectionMultiple addressesbelow. If no address is configured the interface will just be activated (UP).
Number of bits in IPADDR that form the networkaddress. Alternatively add a prefix-length toIPADDRor useNETMASK.PREFIXLENis preferred overNETMASK.but highest priority has a prefix-length added to the IP address in the variableIPADDR.
Network mask. Alternatively add a prefix-length toIPADDRor usePREFIXLEN.This variable is ignored if a prefix-length is specified.
Network broadcast. If you omit the broadcast address, it will be calculated fromnetmask or prefix-length. You can affect the calculation with the variableDEFAULT_BROADCASTin/etc/sysconfig/network/config.See the description there.
The remote IP address of a point to point connection
Each address may be tagged with a label string. In order to preservecompatibility with Linux-2.0 net aliases, this string must coincide with thename of the device or must be prefixed with the device name followed bycolon.This may be useful withMultiple addresses(see below).
The scope of the area where this address is valid.The available scopes are listed in file/etc/iproute2/rt_scopes.Predefined scope values are:global- the address is globally valid.

site- (IPv6 only) the address is site local, i.e. it isvalid inside this site.

link- the address is link local, i.e. it is valid only on this device.

host- the address is valid only inside this host.

Set the maximum transfer unit (MTU) for this interface.
Set an individual link layer address (MAC address).
LINK_REQUIRED { auto | yes | no }
While a working and connected link is required for further setupsteps, such as bridge STP, link authentication, auto configurationof the IP address (dhcp, ...) and duplicate IP address detection(enabled by default), it is required in some cases to continuethe setup without to consider the link detection (carrier), well-known static "router like" setups. You may want to disablealso the duplicate IP detection (see CHECK_DUPLICATE_IP andthe ifsysctl(5) manual page).

This variable permits to configure the waiting for link-detection.When set to yes, wicked waits until link has been detectedbefore it continues with further steps.When set to no, wicked is permitted to continue earlier,without to wait for a link in a usable state.When set to auto (default), an internal logic is appliedcausing to use a "no" for tun/tap devices (which require a driverdaemon) and for bridges with enabled STP and without any ports.In other cases, it behaves as "yes".

This variable configures how long to wait for the link detection(by the kernel / network card driver) in seconds.Default is 0, causing to not wait at all if link is not requiredor wait infinitely when link is required, so nanny can continuewith the setup when the cable gets connected to the network cardafter a while.Otherwise wicked will wait until the specified number of secondsand continue with further steps if link is not required or failand stop further steps if nanny is not used (see use-nannyin wicked-config(5)).Note, that an ifup call has it's own, independent timeout, whichis limitting the maximal time ifup waits before it has to report(see global network/config WAIT_FOR_INTERFACES variable).
If this variable is not empty, wicked will set these options on anethernet type device.See theethtool (8)manual page for available options.If the option string starts with a '-' (e.g. '-K iface rx on'), then thesecond word in the string will be replaced with the current interface name.Otherwise (e.g. 'autoneg off speed 10') ifup prepends '-s <interface>'.The optional variable suffix can be used to apply every setting separately,e.g.:

  ETHTOOL_OPTIONS='autoneg off speed 10'
  ETHTOOL_OPTIONS_gro='-K iface gro off'
  ETHTOOL_OPTIONS_lro='-K iface lro off'

The NIC driver may reject settings as not supported (e.g. '-K iface lro off')or also when the link is not up.

AUTO6_WAIT_AT_BOOT { number of seconds }
Permits to specify how long to wait for IPv6 autoconfig when requestedwith the auto6 or +auto6 tag in BOOTPROTO variable.When unset, a wicked built-in default defer time (10sec) is used.
AUTO6_UPDATE { all | dns | none }
Permits to specify whether to update dns (rdnss,dnssl) from IPv6 RA whenrequested with the auto6 or +auto6 tag in BOOTPROTO variable. Without anexplicit request, the dns settings are updated, when the autoconf sysctl(address autoconf) is enabled.
Whether to detect duplicate IPv4 addresses or not. Set to "no" to disable it.By default, duplicate IPv4 addresses checks are enabled on ARP capable devices.

The IPv6 duplicate address detection is configured by the accept_dad sysctlvariable (see ifsysctl(5)).Note, that duplicate addresses check requires a connected/usable link andskipped when it is not (see LINK_REQUIRED).

SEND_GRATUITOUS_ARP { auto | yes | no }
When a new IPv4 has been configured on an interface, send a gratuitous ARPto inform the receivers about the address (trigger arp cache update).Default is to send gratuitous ARP, when also duplicate IPv4 address checkis enabled and the check were sucessful.
Using this variable you may set up different tunnels. Seeifcfg-tunnel(5)manual page.
Needed only for virtual LANs (802.1q). It contains the real interface to use for the vlaninterface. Seeifcfg-vlan(5)manual page.
These are used to set up interface bonding. Seeifcfg-bonding(5)manual page.
is used to set the infiniband transport mode of an IB device to one of "connected"(CM - Connected Mode) or "datagram" (UD - Unreliable Datagram).
is used to enable/disable user-multicast for an IB device by setting to "allowed"or "disallowed".
In case ifup cannot determine the interface type properly, you may specify thecorrect type in this variable to override the behavior and force ifup to handlethe interface differently than it detected from system or config.Please always open a bug report when it is required to set the type.
Here you can hook a script (better: an executable) or systemd service name toperform individual actions before/after the interface is set up or before/afterthe interface is set down by specifying the script names in a space separated list.

Wicked supports multiple schemes for the scripts.

- systemd:<>" scheme:Permits a service name or template which will be completed with interface nameas its argument, e.g.:



On pre-up and post-up actions the service is started, onpre-down and post-down the service will be stopped.

The service should make use of an device service unit bindingBindsTo=sys-subsystem-net-devices-%i.deviceso it gets stopped, when the device suddenly disappears.See also man systemd.unit(5).

- wicked:<script> scheme:Permits to specify a script or script directory either as an absolutepath or relative to the /etc/wicked/scripts directory, e.g.:




The script is executed as "$script $action $interface" with thepre-up, post-up, pre-down, post-down actions corresponding with thevariable name.

- compat:suse:<script> scheme:Permits to specify a script or script directory either as an absolutepath or relative to the /etc/sysconfig/network/scripts directory, e.g.:



The script is executed as "$script $interface $interface -o $action"with the pre-up, post-up, pre-down, post-down actions corresponding withthe variable name.

Note: The script scheme must be specified as a safeguardto not execute any old and not-compatible sysconfig ifup scripts (which maydepend on different files, internal state, ...). Once the script has beenadopted, prepend e.g. the "compat:suse:" scheme to activate.

FIREWALL {yes|no}
Permits to disable the execution of the firewall extension scripts hooks onifup and ifdown of an interface.
The per-interface firewall zone name passed to the firewall extensionscript to assign the interface to the specified zone instead of a default one(when supported by the firewall framework, e.g. firewalld).



Specifies how log ifup waits for interfaces in seconds by default before it stopsprocessing and reports the status reached until then. This time may be automaticallyincreased in case of involved devices which require more time, such as bridge withenabled STP (IEEE defaults may need up to 50 seconds additionally).

This setting can be overridden by the wicked ifup --timeout option (see thewicked(8) manual page).Note: nanny is not affected by this ifup reporting timeout and continues to setupin background until ifdown or reboot.

See also the /etc/sysconfig/network/config configuration file and the
netconfig(8) manual page.

See the /etc/sysconfig/network/dhcp configuration file and the ifcfg-dhcp
manual page.



Multiple addresses

You can extend the variable nameIPADDRby any string you like. For exampleIPADDR_1,IPADDR-FOOorIPADDRxxx.Use these variables for your IP addresses.If you need some additional parameters for these addresses, then just addthe same extension to these variable names:BROADCAST, NETMASK, PREFIXLEN, REMOTE_IPADDR, LABEL, SCOPE, IP_OPTIONS.

   and so on ...



Copyright (C) 2004-2015 SUSE LINUX GmbH, Nuernberg, Germany. 


Please report bugs at <> 


Michal LudvigKarol MrozPawel WieczorkiewiczMarius Tomaschewski






This document was created byman2html,using the manual pages.