############################################################################## # QUICK-START # # The quickest start is if you want to use DHCP. # In that case, everything should work out of the box, no configuration # necessary, though the startup script will warn you that you haven't # specified anything. # WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 # (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have # the relevant kernel option enabled. So if you don't have an IPv6 enabled # kernel then remove the IPv6 address from your config. # If you want to use a static address or use DHCP explicitly, jump # down to the section labeled INTERFACE HANDLERS. # # If you want to do anything more fancy, you should take the time to # read through the rest of this file. ############################################################################## # MODULES # # We now support modular networking scripts which means we can easily # add support for new interface types and modules while keeping # compatibility with existing ones. # # Modules load by default if the package they need is installed. If # you specify a module here that doesn't have its package installed # then you get an error stating which package you need to install. # Ideally, you only use the modules setting when you have two or more # packages installed that supply the same service. # # In other words, you probably should DO NOTHING HERE... # Prefer ifconfig over iproute2 #modules="!iproute2" # You can also specify other modules for an interface # In this case we prefer udhcpc over dhcpcd #modules_eth0="udhcpc" # You can also specify which modules not to use - for example you may be # using a supplicant or linux-wlan-ng to control wireless configuration but # you still want to configure network settings per SSID associated with. #modules="!iwconfig !wpa_supplicant" # IMPORTANT: If you need the above, please disable modules in that order ############################################################################## # INTERFACE HANDLERS # # We provide two interface handlers presently: ifconfig and iproute2. # You need one of these to do any kind of network configuration. # For ifconfig support, emerge sys-apps/net-tools # For iproute2 support, emerge sys-apps/iproute2 # If you don't specify an interface then we prefer iproute2 if it's installed # To prefer ifconfig over iproute2 #modules="!iproute2" # For a static configuration, use something like this # (They all do exactly the same thing btw) #config_eth0="192.168.0.2/24" #config_eth0="192.168.0.2 netmask 255.255.255.0" # If you need more than one address, you can use something like this # NOTE: ifconfig creates an aliased device for each extra IPv4 address # (eth0:1, eth0:2, etc) # iproute2 does not do this as there is no need to # WARNING: You cannot mix multiple addresses on a line with other parameters! #config_eth0="192.168.0.2/24 192.168.0.3/24 192.168.0.4/24" # However, that only works with CIDR addresses, so you can't use netmask. # You can also use IPv6 addresses # (you should always specify a prefix length with IPv6 here) #config_eth0="192.168.0.2/24 4321:0:1:2:3:4:567:89ab/64 4321:0:1:2:3:4:567:89ac/64" # If you wish to keep existing addresses + routing and the interface is up, # you can specify a noop (no operation). If the interface is down or there # are no addresses assigned, then we move onto the next step (default dhcp) # This is useful when configuring your interface with a kernel command line # or similar #config_eth0="noop 192.168.0.2/24" # If you don't want ANY address (only useful when calling for advanced stuff) #config_eth0="null" # If you need to pass parameters to go with an address, you can do so on the # same line as the address. You should split multiple addresses with newlines. # WARNING: You cannot mix multiple addresses on a line with other parameters! #config_eth0="192.168.0.2/24 scope host" #config_eth0="4321:0:1:2:3:4:567:89ab/64 nodad home preferred_lft 0" #config_eth0="192.168.0.2/24 scope host #4321:0:1:2:3:4:567:89ab/64 nodad home preferred_lft 0" # Here's how to do routing if you need it # We add an IPv4 default route, IPv4 subnet route and an IPv6 unicast route #routes_eth0="default via 192.168.0.1 #10.0.0.0/8 via 192.168.0.1 #::/0" # If a specified module fails (like dhcp - see below), you can specify a # fallback like so #fallback_eth0="192.168.0.2/24" #fallback_routes_eth0="default via 192.168.0.1" # NOTE: fallback entry must match the entry location in config_eth0 # As such you can only have one fallback route. # Also, if you do not set a fallback_routes entry for an interface, the # routes entry will be used if that is set. # Some users may need to alter the MTU - here's how #mtu_eth0="1500" # Same for TX Queue Length #txqueuelen_eth0="1000" # Each module described below can set a default base metric, lower is # preferred over higher. This is so we can prefer a wired route over a # wireless route automatically. You can override this by setting #metric_eth0="100" # or on a global basis #metric="100" # The only downside of the global setting is that you have to ensure that # there are no conflicting routes yourself. For users with large routing # tables you may have to set a global metric as the due to a simple read of # the routing table taking over a minute at a time. # Most drivers that report carrier status function correctly, but some do not # One of these faulty drivers is for the Intel e1000 network card, but only # at boot time. To get around this you may alter the carrier_timeout value for # the interface. 0 is disable and any other number of seconds is how # long we wait for carrier. The current default is disabled. #carrier_timeout_eth0=0 # You may wish to disable the interface being brought down when stopping. # This is only of use for WakeOnLan. #ifdown_eth0="NO" ############################################################################## # OPTIONAL MODULES #----------------------------------------------------------------------------- # WIRELESS (802.11 support) # Wireless can be provided by iwconfig or wpa_supplicant # wpa_supplicant is preferred, use the modules directive to prefer iwconfig. #modules="iwconfig" # # iwconfig # emerge net-wireless/wireless-tools ############################################### # HINTS # # Most users will just need to set the following options # key_SSID1="s:yourkeyhere enc open" # s: means a text key # key_SSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key # preferred_aps="'SSID 1' 'SSID 2'" # # Clear? Good. Now configure your wireless network below ############################################### # SETTINGS # Hard code an SSID to an interface - leave this unset if you wish the driver # to scan for available Access Points # Set to "any" to connect to any SSID - the driver picks an Access Point # This needs to be done when the driver doesn't support scanning # This may work for drivers that don't support scanning but you need automatic # AP association # I would only set this as a last resort really - use the preferred_aps # setting at the bottom of this file # However, using ad-hoc (without scanning for APs) and master mode # do require the SSID to be set - do this here #essid_eth0="any" # Set the mode of the interface (managed, ad-hoc, master or auto) # The default is auto # If it's ad-hoc or master you also may need to specify the channel below #mode_eth0="auto" # If managed mode fails, drop to ad-hoc mode with the below SSID? #adhoc_essid_eth0="WLAN" # Some drivers/hardware don't scan all that well. We have no control over this # but we can say how many scans we want to do to try and get a better sweep of # the area. The default is 1. #scans_eth0="1" #Channel can be set (1-14), but defaults to 3 if not set. # # The below is taken verbatim from the BSD wavelan documentation found at # http://www.netbsd.org/Documentation/network/wavelan.html # There are 14 channels possible; We are told that channels 1-11 are legal for # North America, channels 1-13 for most of Europe, channels 10-13 for France, # and only channel 14 for Japan. If in doubt, please refer to the documentation # that came with your card or access point. Make sure that the channel you # select is the same channel your access point (or the other card in an ad-hoc # network) is on. The default for cards sold in North America and most of Europe # is 3; the default for cards sold in France is 11, and the default for cards # sold in Japan is 14. #channel_eth0="3" # Setup any other config commands. This is basically the iwconfig argument # without the iwconfig $iface. #iwconfig_eth0="" # Set private driver ioctls. This is basically the iwpriv argument without # the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then # you can set WPA here, below is an example. #iwpriv_eth0="" #iwpriv_SSID="set AuthMode=WPAPSK #set EncrypType=TKIP #set WPAPSK=yourpasskey" #NOTE: Even though you can use WPA like so, you may have to set a WEP key #if your driver claims the AP is encrypted. The WEP key itself will not be #used though. # Seconds to wait before scanning # Some drivers need to wait until they have finished "loading" # before they can scan - otherwise they error and claim that they cannot scan # or resource is unavailable. The default is to wait zero seconds #sleep_scan_eth0="1" # Seconds to wait until associated. The default is to wait 10 seconds. # 0 means wait indefinitely. WARNING: this can cause an infinite delay when # booting. #associate_timeout_eth0="5" # By default a successful association in Managed mode sets the MAC # address of the AP connected to. However, some drivers (namely # the ipw2100) don't set an invalid MAC address when association # fails - so we need to check on link quality which some drivers # don't report properly either. # So if you have connection problems try flipping this setting # Valid options are MAC, quality and all - defaults to MAC #associate_test_eth0="MAC" # Some driver/card combinations need to scan in Ad-Hoc mode # After scanning, the mode is reset to the one defined above #scan_mode_eth0="Ad-Hoc" # Below you can define private ioctls to run before and after scanning # Format is the same as the iwpriv_eth0 above # This is needed for the HostAP drivers #iwpriv_scan_pre_eth0="'host_roaming 2'" #iwpriv_scan_post_eth0="'host_roaming 0'" # Define a WEP key per SSID or MAC address (of the AP, not your card) # The encryption type (open or restricted) must match the # encryption type on the Access Point # You can't use "any" for an SSID here #key_SSID="1234-1234-1234-1234-1234-1234-56" # or you can use strings. Passphrase IS NOT supported # To use a string, prefix it with s: # Note - this example also sets the encryption method to open # which is regarded as more secure than restricted #key_SSID="s:foobar enc open" #key_SSID="s:foobar enc restricted" # If you have whitespace in your key, here's how to set it and use other # commands like using open encryption. #key_SSID="s:'foo bar' enc open" # WEP key for the AP with MAC address 001122334455 #mac_key_001122334455="s:foobar" # Here are some more examples of keys as some users find others work # and some don't where they should all do the same thing #key_SSID="open s:foobar" #key_SSID="open 1234-5678-9012" #key_SSID="s:foobar enc open" #key_SSID="1234-5678-9012 enc open" # You may want to set multiple keys - here's an example # It sets 4 keys on the card and instructs to use key 2 by default #key_SSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" # You can also override the interface settings found in /etc/conf.d/net # per SSID - which is very handy if you use different networks a lot #config_SSID="dhcp" #dhcpcd_SSID="-t 5" #routes_SSID= #fallback_SSID= # Setting name/domain server causes /etc/resolv.conf to be overwritten # Note that if DHCP is used, and you want this to take precedence then # please put -R in your dhcpcd options #dns_servers_SSID="192.168.0.1 192.168.0.2" #dns_domain_SSID="some.domain" #dns_search_SSID="search.this.domain search.that.domain" # Please check the man page for resolv.conf for more information # as domain and search (searchdomains) are mutually exclusive and # searchdomains takes precedence # You can also set any of the /etc/conf.d/net variables per MAC address # incase you use Access Points with the same SSID but need different # networking configs. Below is an example - of course you use the same # method with other variables #config_001122334455="dhcp" #dhcpcd_001122334455="-t 10" #dns_servers_001122334455="192.168.0.1 192.168.0.2" # Map a MAC address to an SSID # This is used when the Access Point is not broadcasting its SSID # WARNING: This will override the SSID being broadcast due to some # Access Points sending an SSID even when they have been configured # not to! # Change 001122334455 to the MAC address and SSID to the SSID # it should map to #mac_essid_001122334455="SSID" # This lists the preferred SSIDs to connect to in order # SSID's can contain any characters here as they must match the broadcast # SSID exactly. # Surround each SSID with the " character and separate them with a space # If the first SSID isn't found then it moves onto the next # If this isn't defined then it connects to the first one found #preferred_aps="SSID1 SSID2" # You can also define a preferred_aps list per interface #preferred_aps_eth0="SSID3 SSID4" # You can also say whether we only connect to preferred APs or not # Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" # "any" means it will connect to visible APs in the preferred list and then any # other available AP # "preferredonly" means it will only connect to visible APs in the preferred list # "forcepreferred" means it will forcibly connect to APs in order if it does not find # them in a scan # "forcepreferredonly" means it forcibly connects to the APs in order and does not bother # to scan # "forceany" does the same as forcepreferred + connects to any other available AP # Default is "any" #associate_order="any" #associate_order_eth0="any" # You can define blacklisted Access Points in the same way #blacklist_aps="SSID1 SSID2" #blacklist_aps_eth0="SSID3 SSID4" # If you have more than one wireless card, you can say if you want # to allow each card to associate with the same Access Point or not # Values are "yes" and "no" # Default is "yes" #unique_ap="yes" #unique_ap_eth0="yes" # IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when # essid_eth0 is not set and your card is capable of scanning # NOTE: preferred_aps list ignores blacklisted_aps - so if you have # the same SSID in both, well, you're a bit silly :p ############################################################ # wpa_supplicant # emerge net-wireless/wpa_supplicant # Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf # Consult the wpa_supplicant.conf.example that is installed in # /usr/share/doc/wpa_supplicant # To configure wpa_supplicant #wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards # Consult wpa_supplicant for more drivers - the default is -Dwext which should # work for most cards. # By default we don't wait for wpa_supplicant to associate and authenticate. # If you need to change this behaviour then you don't know how our scripts work # and setting this value could cause strange things to happen. # If you would like it to wait, you can specify how long in seconds. #associate_timeout_eth0=60 # A value of 0 means wait forever. # You can also override any settings found here per SSID - which is very # handy if you use different networks a lot. See below for using the SSID # in our variables #config_SSID="dhcp" # See the System module below for setting dns/nis/ntp per SSID # You can also override any settings found here per MAC address of the AP # in case you use Access Points with the same SSID but need different # networking configs. Below is an example - of course you use the same # method with other variables #mac_config_001122334455="dhcp" #mac_dns_servers_001122334455="192.168.0.1 192.168.0.2" # When an interface has been associated with an Access Point, a global # variable called SSID is set to the Access Point's SSID for use in the # pre/post user functions below (although it's not available in preup as you # won't have associated then) # If you're using anything else to configure wireless on your interface AND # you have installed wpa_supplicant, you need to disable wpa_supplicant #modules="!iwconfig !wpa_supplicant" #or #modules="!wireless" ############################################################################## # WIRELESS SSID IN VARIABLES ############################################################################## # Remember to change SSID to your SSID. # Say that your SSID is My NET - the line # #key_SSID="s:passkey" # becomes # #key_My_NET="s:passkey" # Notice that the space has changed to an underscore - do the same with all # characters not in a-z A-Z (English alphabet) 0-9. This only applies to # variables and not values. # # Any SSID's in values like essid_eth0="My NET" may need to be escaped # This means placing the character \ before the character # \" need to be escaped for example # So if your SSID is # My "\ NET # it becomes # My \"\\ NET # for example # #essid_eth0="My\"\\NET" # # So using the above we can use # #dns_domain_My____NET="My\"\\NET" # which is an invalid dns domain, but shows the how to use the variable # structure ######################################################### #----------------------------------------------------------------------------- # DHCP # DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. # # dhclient: emerge net-misc/dhcp # dhcpcd: emerge net-misc/dhcpcd # pump: emerge net-misc/pump # udhcpc: emerge sys-apps/busybox # If you have more than one DHCP client installed, you need to specify which # one to use - otherwise we default to dhcpcd if available. #modules="dhclient" # to select dhclient over dhcpcd # # Notes: # - All clients send the current hostname to the DHCP server by default # - dhcpcd does not daemonize when the lease time is infinite # - udhcp-0.9.3-r3 and earlier do not support getting NTP servers # - pump does not support getting NIS servers # - DHCP tends to erase any existing device information - so add # static addresses after dhcp if you need them # - dhclient and udhcpc can set other resolv.conf options such as "option" # and "sortlist"- see the System module for more details # Regardless of which DHCP client you prefer, you configure them the # same way using one of following depending on which interface modules # you're using. #config_eth0="dhcp" # For passing custom options to dhcpcd use something like the following. This # example reduces the timeout for retrieving an address from 60 seconds (the # default) to 10 seconds. #dhcpcd_eth0="-t 10" # dhclient, udhcpc and pump don't have many runtime options # You can pass options to them in a similar manner to dhcpcd though #dhclient_eth0="..." #udhcpc_eth0="..." #pump_eth0="..." # GENERIC DHCP OPTIONS # Set generic DHCP options like so #dhcp_eth0="release nodns nontp nonis nogateway nosendhost" # This tells the dhcp client to release its lease when it stops, not to # overwrite dns, ntp and nis settings, not to set a default route and not to # send the current hostname to the dhcp server and when it starts. # You can use any combination of the above options - the default is not to # use any of them. #----------------------------------------------------------------------------- # For APIPA support, emerge net-misc/iputils or net-analyzer/arping # APIPA is a module that tries to find a free address in the range # 169.254.0.0-169.254.255.255 by arping a random address in that range on the # interface. If no reply is found then we assign that address to the interface # This is only useful for LANs where there is no DHCP server and you don't # connect directly to the internet. #config_eth0="dhcp" #fallback_eth0="apipa" #----------------------------------------------------------------------------- # ARPING Gateway configuration # and # Automatic Private IP Addressing (APIPA) # For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping # # This is a module that tries to find a gateway IP. If it exists then we use # that gateways configuration for our own. For the configuration variables # simply ensure that each octet is zero padded and the dots are removed. # Below is an example. # #gateways_eth0="192.168.0.1 10.0.0.1" #config_192168000001="192.168.0.2/24" #routes_192168000001="default via 192.168.0.1" #dns_servers_192168000001="192.168.0.1" #config_010000000001="10.0.0.254/8" #routes_010000000001="default via 10.0.0.1" #dns_servers_010000000001="10.0.0.1" # We can also specify a specific MAC address for each gateway if different # networks have the same gateway. #gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" #config_192168000001_001122AABBCC="192.168.0.2/24" #routes_192168000001_001122AABBCC="default via 192.168.0.1" #dns_servers_192168000001_001122AABBCC="192.168.0.1" #config_010000000001_334455DDEEFF="10.0.0.254/8" #routes_010000000001_334455DDEEFF="default via 10.0.0.1" #dns_servers_010000000001_334455DDEEFF="10.0.0.1" # If you need to spoof the source address, you can add that as third parameter # like so #gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC,192.168.0.50" #or #gateways_eth0="192.168.0.1,,192.168.0.50" # This requires arping to be installed though # If we don't find any gateways (or there are none configured) then we try and # use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 # by arping a random address in that range on the interface. If no reply is # found then we assign that address to the interface. # This is only useful for LANs where there is no DHCP server. #config_eth0="arping" # or if no DHCP server can be found #config_eth0="dhcp" #fallback_eth0="arping" # NOTE: We default to sleeping for 1 second the first time we attempt an # arping to give the interface time to settle on the LAN. This appears to # be a good default for most instances, but if not you can alter it here. #arping_sleep=5 #arping_sleep_lan=7 # NOTE: We default to waiting 3 seconds to get an arping response. You can # change the default wait like so. #arping_wait=3 #arping_wait_lan=2 #----------------------------------------------------------------------------- # VLAN (802.1q support) # For VLAN support, emerge sys-apps/iproute2 # The old vconfig based VLAN support is no longer available. # Specify the VLAN numbers for the interface like so # Please ensure your VLAN IDs are NOT zero-padded #vlans_eth0="1 2" # You may not want to assign an IP the the physical interface, but we still # need it up. #config_eth0="null" # You can also configure the VLAN - see for ip man page for more details # To change the vlan interface name. If not set, the standard "iface.vlanid" # will be used. This is the replacement for the old 'vconfig set_name_type' # functionality. If you previously relied on the DEV_PLUS_VID or # DEV_PLUS_VID_NO_PAD options to have different VLANs with same ID value, on # different interfaces, please note that you need to use both the interface and # vlan number in the numbering. This applies for all of the options: name, # txqueuelen, mac, broadcast, mtu, ingress, egress, flags #vlan1_name="vlan1" #eth0_vlan2_name="eth0.2" #eth1_vlan2_name="eth1.2" # The following shows the old set_name_type setting and what new option to set: # Using eth9 & VLAN VID 26 as an example. # VLAN_PLUS_VID vlan26_name="vlan0026" # VLAN_PLUS_VID_NO_PAD vlan26_name="vlan26" # DEV_PLUS_VID eth9_vlan26_name="eth9.0026" # DEV_PLUS_VID_NO_PAD eth9_vlan26_name="eth9.26" # Set the vlan flags #vlan1_flags="reorder_hdr off gvrp on loose_binding on" #eth0_vlan1_flags="reorder_hdr off gvrp on loose_binding on" # Configure in/egress maps #vlan1_ingress="2:6 3:5" #eth0_vlan1_egress="1:2" #config_vlan1="172.16.2.1/24" #config_vlan2="172.16.3.1/24" #config_eth0_1="172.16.4.1/24" #config_eth1_1="172.16.5.1/24" # NOTE: Vlans can be configured with a . in their interface names # When configuring vlans with this name type, you need to replace . with a _ #config_eth0.1="dhcp" - does not work #config_eth0_1="dhcp" - does work # NOTE: Vlans are controlled by their physical interface and not per vlan # This means you do not need to create init scripts in /etc/init.d for each # vlan, you must need to create one for the physical interface. # If you wish to control the configuration of each vlan through a separate # script then you need to do this. #vlan_start_eth0="no" # If you do the above then you may want to depend on eth0 like so # rc_net_vlan1_need="net.eth0" # NOTE: depend functions only work in /etc/conf.d/net # and not in profile configs such as /etc/conf.d/net.foo # Also, you might want to make eth0 not provide net in this case so that # dependent services will start when the vlan is active instead of the # physical interface. # rc_net_eth0_provide="!net" # MAC-VLAN support # The following configuration can be used to create a new interface 'macvlan0' # linked to 'eth0' #macvlan_macvlan0="eth0" # MAC-VLAN mode (private, vepa, bridge, passtru) #mode_macvlan0="private" # IP address, MAC address, ... are configured as a normal interface #config_macvlan0="192.168.20.20/24" #mac_macvlan0="00:50:06:20:20:20" #----------------------------------------------------------------------------- # Bonding # For link bonding/trunking on 2.4 kernels, or kernels without sysfs # emerge net-misc/ifenslave # To bond interfaces together #slaves_bond0="eth0 eth1 eth2" #config_bond0="null" # You may not want to assign an IP the the bond # Please note, that you should generally NOT try to change the MAC addresses of # a bond interface yourself. If you do so, the kernel and your network switches # may not work quite right. It is permissible to set the MAC addresses of bond # slaves BEFORE the bond comes up, but not after the bond is up (it will change # MAC addresses of the slaves on it's own). # You can also configure the parameters of the bond here, which must be done # via sysfs on 2.6 kernels or newer. The description of all the options can be # found in the kernel: /usr/src/linux-*/Documentation/networking/bonding.txt # You will probably want the 'mode' option at the least. # Some possible parameters: mode fail_over_mac arp_validate arp_interval # arp_ip_target downdelay updelay lacp_rate ad_select xmit_hash_policy # num_grat_arp num_unsol_na miimon primary primary_reselect use_carrier # active_slave queue_id all_slaves_active resend_igmp min_links #mode_bond0="round-robin" #miimon_bond0="100" #arp_ip_target_bond0="+26.0.0.0" # If any of the slaves require extra configuration - for example wireless or # ppp devices - we need to depend function on the bonded interfaces #rc_net_bond0_need="net.eth0 net.eth1" # Bonding subsume support (prevents crashes for root-on-NFS) # - Only tested in the default bonding mode ('active-backup') with # IPv4 # - Only subsumes basic interface characteristics (IP, netmask) and # excludes additional routes, interface properties such as MTU, # interface-associated netfilter rules, etc. # In the example below, the (usually kernel-autoconfigured) # 'eth0' interface is a member of bond0, which subsumes the # existing interface configuration without upsetting NFS. #slaves_bond0="eth0 eth1" #subsume_bond0="eth0" #----------------------------------------------------------------------------- # Classical IP over ATM # For CLIP support emerge net-dialup/linux-atm # Ensure that you have /etc/atmsigd.conf setup correctly # Now setup each clip interface like so #clip_atm0="peer_ip [if.]vpi.vci [opts]," # where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection # with your ISP, your only peer is usually the ISP gateway closest to you), # "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" # is the ATM VC address, and "opts" may optionally specify VC parameters like # qos, pcr, and the like (see "atmarp -s" for further reference). Please also # note quoting: it is meant to distinguish the VCs you want to create. You may, # in example, create an atm0 interface to more peers, like this: #clip_atm0="1.1.1.254,0.8.35 1.1.1.253,1.8.35" # By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a # null encapsulation (aka "VC mode"), please add the keyword "null" to opts. #----------------------------------------------------------------------------- # PPP # For PPP support, emerge net-dialup/ppp # PPP is used for most dialup connections, including ADSL. # The older ADSL module is documented below, but you are encouraged to try # this module first. # # You need to create the PPP net script yourself. Make it like so #ln -s net.lo /etc/init.d/net.ppp0 # # Each PPP interface requires an interface to use as a "Link" #link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port #link_ppp0="eth0" # PPPoE requires an ethernet interface #link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address #link_ppp0="/dev/null" # ISDN links should have this #link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc # # Here you should specify what pppd plugins you want to use # Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, # radattr, radrealms and winbind #plugins_ppp0="pppoe" # Required plugin for PPPoE #plugins_ppp0="pppoa vc-encaps" # Required plugin for PPPoA with an option #plugins_ppp0="capi" # Required plugin for ISDN # # PPP requires at least a username. You can optionally set a password here too # If you don't, then it will use the password specified in /etc/ppp/*-secrets # against the specified username #username_ppp0='user' #password_ppp0='password' # NOTE: You can set a blank password like so #password_ppp0= # # The PPP daemon has many options you can specify - although there are many # and may seem daunting, it is recommended that you read the pppd man page # before enabling any of them #pppd_ppp0=" # maxfail 0 # WARNING: It's not recommended you use this # # if you don't specify maxfail then we assume 0 # updetach # If not set, "/etc/init.d/net.ppp0 start" will return # # immediately, without waiting the link to come up # # for the first time. # # Do not use it for dial-on-demand links! # debug # Enables syslog debugging # noauth # Do not require the peer to authenticate itself # defaultroute # Make this PPP interface the default route # usepeerdns # Use the DNS settings provided by PPP # # On demand options # demand # Enable dial on demand # idle 30 # Link goes down after 30 seconds of inactivity # 10.112.112.112:10.112.112.113 # Phony IP addresses # ipcp-accept-remote # Accept the peers idea of remote address # ipcp-accept-local # Accept the peers idea of local address # holdoff 3 # Wait 3 seconds after link dies before re-starting # # Dead peer detection # lcp-echo-interval 15 # Send a LCP echo every 15 seconds # lcp-echo-failure 3 # Make peer dead after 3 consecutive # # echo-requests # # Compression options - use these to completely disable compression # noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp # # Dial-up settings # lock # Lock serial port # 115200 # Set the serial port baud rate # modem crtscts # Enable hardware flow control # 192.168.0.1:192.168.0.2 # Local and remote IP addresses #" # # Dial-up PPP users need to specify at least one telephone number #phone_number_ppp0="12345689" # Maximum 2 phone numbers are supported # They will also need a chat script - here's a good one #chat_ppp0=" #ABORT BUSY #ABORT ERROR #ABORT 'NO ANSWER' #ABORT 'NO CARRIER' #ABORT 'NO DIALTONE' #ABORT 'Invalid Login' #ABORT 'Login incorrect' #TIMEOUT 5 #'' ATZ #OK AT # Put your modem initialization string here #OK 'ATDT\T' #TIMEOUT 60 #CONNECT '' #TIMEOUT 5 #~-- '' #" # If the link require extra configuration - for example wireless or # RFC 268 bridge - we need to depend on the bridge so they get # configured correctly. #rc_net_ppp0_need="net.nas0" #WARNING: if MTU of the PPP interface is less than 1500 and you use this #machine as a router, you should add the following rule to your firewall # #iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu #----------------------------------------------------------------------------- # ADSL # For ADSL support, emerge net-dialup/rp-pppoe # WARNING: This ADSL module is being deprecated in favour of the PPP module # above. # You should make the following settings and also put your # username/password information in /etc/ppp/pap-secrets # Configure the interface to use ADSL #config_eth0="adsl" # You probably won't need to edit /etc/ppp/pppoe.conf if you set this #adsl_user_eth0="my-adsl-username" #----------------------------------------------------------------------------- # ISDN # For ISDN support, emerge net-dialup/isdn4k-utils # You should make the following settings and also put your # username/password information in /etc/ppp/pap-secrets # Configure the interface to use ISDN #config_ippp0="dhcp" # It's important to specify dhcp if you need it! #config_ippp0="192.168.0.1/24" # Otherwise, you can use a static IP # NOTE: The interface name must be either ippp or isdn followed by a number # You may need this option to set the default route #ipppd_eth0="defaultroute" #----------------------------------------------------------------------------- # MAC changer # Warning: Do NOT use this on bonding interfaces! Bonding changes MACs itself. # # To set a specific MAC address #mac_eth0="00:11:22:33:44:55" # For changing MAC addresses using the below, emerge net-analyzer/macchanger # - to randomize the last 3 bytes only #mac_eth0="random-ending" # - to randomize between the same physical type of connection (e.g. fibre, # copper, wireless) , all vendors #mac_eth0="random-samekind" # - to randomize between any physical type of connection (e.g. fibre, copper, # wireless) , all vendors #mac_eth0="random-anykind" # - full randomization - WARNING: some MAC addresses generated by this may NOT # act as expected #mac_eth0="random-full" # custom - passes all parameters directly to net-analyzer/macchanger #mac_eth0="some custom set of parameters" # You can also set other options based on the MAC address of your network card # Handy if you use different docking stations with laptops #config_001122334455="dhcp" #----------------------------------------------------------------------------- # TUN/TAP # For TUN/TAP support install iproute2, openvpn or usermode-utilities # # You must specify if we're a tun or tap device. Then you can give it any # name you like - such as vpn #tuntap_vpn="tun" #config_vpn="192.168.0.1/24" # Or stick wit the generic names - like tap0 #tuntap_tap0="tap" #config_tap0="192.168.0.1/24" # Use something like this to pass custom options to iproute2 during # tunnel creation. This sets the user and group ownership of the node. #iproute2_tun1="user foo group bar" # For passing custom options to tunctl use something like the following. This # example sets the owner to adm #tunctl_tun1="-u adm" # OpenVPN-2.1_rc6 and newer allow --user and --group to set owner and group # of the node as well #openvpn_tun1="--user foo --group bar" #----------------------------------------------------------------------------- # Bridging (802.1d) # For bridging support emerge net-misc/bridge-utils # To add ports to bridge br0 #bridge_br0="eth0 eth1" # or dynamically add them when the interface comes up #bridge_add_eth0="br0" #bridge_add_eth1="br0" # NOTE: If you want to manually start an empty bridge, and then dynamically add # ports to it you must set at least one of the following variables based on the # interface name, so that we can pick it up from your configuration. Even an # empty value variable is fine, but at least one of them must be set: # brctl_IFVAR # You need to configure the ports to null values so dhcp does not get started #config_eth0="null" #config_eth1="null" # Finally give the bridge an address - dhcp or a static IP, this is assigned to # the bridge when the bridge is explicitly started. #config_br0="dhcp" # may not work when adding ports dynamically #config_br0="192.168.0.1/24" # If any of the ports require extra configuration - for example wireless or # ppp devices - we need to depend on them like so. #rc_net_br0_need="net.eth0 net.eth1" # Below is an example of configuring the bridge # Consult "man brctl" for more details #brctl_br0="setfd 15 #sethello 2 #stp on" # You can also configure the bridge or bridge members via sysfs on 2.6 kernels # or newer. See the kernel bridge documentation for a description of these # options. #stp_state_br0="0" #forward_delay_br0="10" #hairpin_mode_eth0="1" #----------------------------------------------------------------------------- # RFC 2684 Bridge Support # For RFC 2684 bridge support emerge net-misc/br2684ctl # Interface names have to be of the form nas0, nas1, nas2, etc. # You have to specify a VPI and VCI for the interface like so #br2684ctl_nas0="-a 0.38" # UK VPI and VCI # You may want to configure the encapsulation method as well by adding the -e # option to the command above (may need to be before the -a command) # -e 0 # LLC (default) # -e 1 # VC mux # Then you can configure the interface as normal #config_nas0="'192.168.0.1/24'" #----------------------------------------------------------------------------- # Tunneling # WARNING: For tunneling it is highly recommended that you # emerge sys-apps/iproute2 # # For GRE tunnels #iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" # For IPIP tunnels #iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" # To configure the interface #config_vpn0="192.168.0.2 pointopoint 192.168.1.2" # ifconfig style #config_vpn0="192.168.0.2 peer 192.168.1.1" # iproute2 style # 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you # have a non-private address configured on an interface. # link_6to4="eth0" # Interface to base its addresses on # config_6to4="ip6to4" # You may want to depend on eth0 like so #rc_net_6to4_need="net.eth0" # To ensure that eth0 is configured before 6to4. Of course, the tunnel could be # any name and this also works for any configured interface. # NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called # sit0 - otherwise use a different name like 6to4 in the example above. # You can also specify a relay and suffix if you like. # The default relay is 192.88.99.1 and the default suffix is :1 #relay_6to4="192.168.3.2" #suffix_6to4=":ff" #----------------------------------------------------------------------------- # Advanced Routing # WARNING: For advanced routing you MUST be using sys-apps/iproute2 # # This provides a means to do multi-homing and more using the Routing Policy # Database (RPDB). # # See the following links for background and more information. # http://linux-ip.net/html/ch-routing.html # http://linux-ip.net/html/ch-advanced-routing.html # The rules listed will be added with 'ip rule add LINE' when the interface is # being brought up. They will also be removed with 'ip rule delete LINE'. # The rules added are also stored for later removal, so if you alter your rules # directly before stopping, you should review your rules again after stopping. # Note in earlier versions of openrc, this was provided as an example in # postup/postdown, however that implementation suffered some bugs in corner # cases, which are now fixed with this merger. If you used the previous # example, you should only need to drop the relevent portions of your # postup/postdown functions, and review the quoting in your rules_IFACE # variables. # Below is a trivial example for a dual-homed connection where there is an OOB # management network. Only packets explicitly with an address from or to the # OOB are sent via eth0. All others go via eth1 as the eth1 rules have a lower # priority. # If you want to use names for your tables, you should put lines into # /etc/iproute2/rt_tables, an example follows: # 2 oob # 3 external # # IPv6 RPDB entries are to be found in the rules6_IFVAR variables: #rules_eth0=" #from ZZZ.ZZZ.200.128/27 table oob priority 500 #to ZZZ.ZZZ.200.128/27 table oob priority 550" #rules_eth1=" #from XXX.XXX.112.0/24 table external priority 400 #to XXX.XXX.112.0/24 table external priority 450" #routes_eth0=" #ZZZ.ZZZ.200.128/27 dev eth0 table oob scope link #default via ZZZ.ZZZ.200.129 table oob" #routes_eth1=" #XXX.XXX.112.0/24 dev eth1 table external scope link #default via XXX.XXX.112.1 dev eth1" # IPv6 example: #rules6_eth0=" #from 2001:0DB8:AAAA:BBBB::/64 table vpn priority 100 #to 2001:0DB8:AAAA:BBBB::/64 table vpn priority 150" #----------------------------------------------------------------------------- # System # For configuring system specifics such as domain, dns, ntp and nis servers # It's rare that you would need todo this, but you can anyway. # This is most benefit to wireless users who don't use DHCP so they can change # their configs based on SSID. # If you omit the _eth0 suffix, then it applies to all interfaces unless # overridden by the interface suffix. #dns_domain_eth0="your.domain" #dns_servers_eth0="192.168.0.2 192.168.0.3" #dns_search_eth0="this.domain that.domain" #dns_options_eth0="timeout:1 rotate" #dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" # See the man page for resolv.conf for details about the options and sortlist # directives #ntp_servers_eth0="192.168.0.2 192.168.0.3" #nis_domain_eth0="domain" #nis_servers_eth0="192.168.0.2 192.168.0.3" # NOTE: Setting any of these will stamp on the files in question. So if you # don't specify dns_servers but you do specify dns_domain then no nameservers # will be listed in /etc/resolv.conf even if there were any there to start # with. # If this is an issue for you then maybe you should look into a resolv.conf # manager like resolvconf-gentoo to manage this file for you. All packages # that baselayout supports use resolvconf-gentoo if installed. #----------------------------------------------------------------------------- # Cable in/out detection # Sometimes the cable is in, others it's out. Obviously you don't want to # restart net.eth0 every time when you plug it in either. # # netplug is a package that detects this and requires no extra configuration # on your part. # emerge sys-apps/netplug # or # emerge sys-apps/ifplugd # and you're done :) # By default we don't wait for netplug/ifplugd to configure the interface. # If you would like it to wait so that other services know that network is # up then you can specify a timeout here. A value of 0 means wait forever, # and a negative value means never wait. #plug_timeout_eth0="10" # If you want to set it for all interfaces: #plug_timeout="10" # If you don't want to use netplug on a specific interface but you have it # installed, you can disable it for that interface via the modules statement #modules_eth0="!netplugd" # You can do the same for ifplugd # # You can disable them both with the generic plug #modules_eth0="!plug" # To use specific ifplugd options, fex specifying wireless mode #ifplugd_eth0="--api-mode=wlan" # man ifplugd for more options #----------------------------------------------------------------------------- # Interface hardware tuning & configuration via ethtool # If you need to change explicit hardware settings on your network card prior # to bringing the interface up, the following is available. # # For a full listing of settings, please consulting ethtool(8) and the output # of "ethtool --help". # # Multiple entries (seperated by newlines) are supported in all of the # variables as some settings cannot be changed at the same time. # # Valid variable name fragments: change pause coalesce ring offload # change_eeprom identify nfc flash rxfh_indir ntuple # Set Wake-On-Lan to listen for SecureOn MagicPacket(tm), the message level to # notify us of WOL changes, and the SecureOn password to 'DE:AD:BE:EF:CA:FE'. #ethtool_change_eth0="wol gs #msglvl wol on #sopass DE:AD:BE:EF:CA:FE" # Disable pause auto-negotiation and explicitly enable RX and TX pause. #ethtool_pause_eth0="autoneg off #rx on tx on" # Enasble adaptive RX and TX coalescing #ethtool_coalesce_eth0="adaptive-rx on adaptive-tx on" # Change ring buffer settings #ethtool_ring_eth0="" # Enable all offload settings #ethtool_offload_eth0="rx on tx on sg on tso on ufo on gso on gro on lro on" # Change specific bytes in the EEPROM #ethtool_change_eeprom_eth0="" # Run the identify sequence on the interface for 1 second (does not return until completion) #ethtool_identify_eth0="1" # Configure receive network flow classification #ethtool_nfc_eth0=" #rx-flow-hash tcp4 f #rx-flow-hash udp4 s" # Flash firmware to all regions #ethtool_flash_eth0="/some/path/firmware1 0" # Flash firmware to region 1 #ethtool_flash_eth0="/some/path/firmware2 1" # Set receive flow hash indirection table for even balancing between N receive queues #ethtool_rxfh_indir_eth0="equal 4" # Configure Rx ntuple filters and actions #ethtool_ntuple_eth0="" # Additionally, there is a special control variable, if you need to change the # order of option processing. The default order is: # flash change-eeprom change pause coalesce ring offload identify nfc rxfh-indir ntuple # Set global order to default #ethtool_order="flash change-eeprom change pause coalesce ring offload identify nfc rxfh-indir ntuple" # Hypothetical network card that requires a change-eeprom toggle to enable flashing #ethtool_order_eth0="change-eeprom flash change pause coalesce ring offload nfc rxfh-indir ntuple" #----------------------------------------------------------------------------- # Firewalld support # If you are using the firewalld daemon to configure your firewall # settings and you have specific zones you want to apply to your # interfaces, you can do this here. #firewalld_zone_eth0="myzone" ############################################################################## # ADVANCED CONFIGURATION # # Four functions can be defined which will be called surrounding the # start/stop operations. The functions are called with the interface # name first so that one function can control multiple adapters. An extra two # functions can be defined when an interface fails to start or stop. # # The return values for the preup and predown functions should be 0 # (success) to indicate that configuration or deconfiguration of the # interface can continue. If preup returns a non-zero value, then # interface configuration will be aborted. If predown returns a # non-zero value, then the interface will not be allowed to continue # deconfiguration. # # The return values for the postup, postdown, failup and faildown functions are # ignored since there's nothing to do if they indicate failure. # # ${IFACE} is set to the interface being brought up/down # ${IFVAR} is ${IFACE} converted to variable name bash allows # # For historical and compatibility reasons, preup is actually normally called # in the following sequence: up ; preup ; up. # The first up causes the kernel to initialize the device, so # that it is available for use in the preup function. However, for some # hardware, e.g. CAN devices, some configuration is needed before trying to up # the interface will actually work. For such hardware, the # up_before_preup variables will allow skipping the first up call if set # to yes. #up_before_preup_IFVAR="NO" #up_before_preup="NO" #preup() { # # Test for link on the interface prior to bringing it up. This # # only works on some network adapters and requires the # # sys-apps/net-tools package to be installed. # if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then # ewarn "No link on ${IFACE}, aborting configuration" # return 1 # fi # # # Test for link on the interface prior to bringing it up. This # # only works on some network adapters and requires the ethtool # # package to be installed. # if ethtool "${IFACE}" | grep -q 'Link detected: no'; then # ewarn "No link on ${IFACE}, aborting configuration" # return 1 # fi # # # Test to see if we're docked or not and configure like so # # config_docked="dhcp" # if grep -q "1" /sys/devices/platform/dock.0/docked; then # einfo "${IFACE} is docked - configuring" # _configure_variables "docked" # fi # # # Remember to return 0 on success # return 0 #} #predown() { # # The default in the script is to test for NFS root and disallow # # downing interfaces in that case. Note that if you specify a # # predown() function you will override that logic. Here it is, in # # case you still want it... # if is_net_fs /; then # eerror "root filesystem is network mounted -- can't stop ${IFACE}" # return 1 # fi # # # Remember to return 0 on success # return 0 #} #postup() { # # This function could be used, for example, to register with a # # dynamic DNS service. Another possibility would be to # # send/receive mail once the interface is brought up. #} #postdown() { # # Enable Wake-On-LAN for every interface except for lo # # Probably a good idea to set ifdown="no" in /etc/conf.d/net # # as well ;) # [ "${IFACE}" != "lo" ] && ethtool -s "${IFACE}" wol g # # Return 0 always # return 0 #} #failup() { # # This function is mostly here for completeness... I haven't # # thought of anything nifty to do with it yet ;-) #} #faildown() { # # This function is mostly here for completeness... I haven't # # thought of anything nifty to do with it yet ;-) #} # You should note that we don't stop the network at system shutdown by default. # If you really need this, then set shutdown_network=YES