Differences
This shows you the differences between two versions of the page.
|
doc:uci:network [2013/02/12 09:32] steven |
doc:uci:network [2013/05/21 07:48] (current) steven |
||
|---|---|---|---|
| Line 16: | Line 16: | ||
| config interface wan | config interface wan | ||
| - | option 'ifname' 'eth0.2' | + | option ifname eth0.2 |
| - | option 'proto' 'pppoe' | + | option proto pppoe |
| - | option 'username' 'szabozsolt-em' | + | option username testuser |
| - | option 'password' 'M3IuWBt4' | + | option password secret |
| config switch eth0 | config switch eth0 | ||
| Line 136: | Line 136: | ||
| | ''mtu'' | number | no | //(none)// | Override the default MTU on this interface | | | ''mtu'' | number | no | //(none)// | Override the default MTU on this interface | | ||
| | ''auto'' | boolean | no | ''0'' for proto ''none'', else ''1'' | Specifies whether to bring up interface on boot | | | ''auto'' | boolean | no | ''0'' for proto ''none'', else ''1'' | Specifies whether to bring up interface on boot | | ||
| - | | ''accept_ra'' | boolean | no | ''1'' for protocol ''dhcp'', else ''0'' | Specifies whether to accept IPv6 Router Advertisements on this interface | | + | | ''accept_ra'' | boolean | no | ''1'' for protocol ''dhcp'', else ''0'' | Specifies whether to accept IPv6 Router Advertisements on this interface (On Attitude Adjustment and earlier versions) | |
| - | | ''send_rs'' | boolean | no | ''1'' for protocol ''static'', else ''0'' | Specifies whether to send Router Solicitations on this interface | | + | | ''send_rs'' | boolean | no | ''1'' for protocol ''static'', else ''0'' | Specifies whether to send Router Solicitations on this interface (On Attitude Adjustment and earlier versions) | |
| === Protocol "static" === | === Protocol "static" === | ||
| Line 149: | Line 149: | ||
| | ''ip6gw'' | ipv6 address | no | //(none)// | Assign given IPv6 default gateway to this interface | | | ''ip6gw'' | ipv6 address | no | //(none)// | Assign given IPv6 default gateway to this interface | | ||
| | ''ip6assign'' | prefix length | no | //(none)// | Delegate a prefix of given length to this interface (Barrier Breaker and later only) | | | ''ip6assign'' | prefix length | no | //(none)// | Delegate a prefix of given length to this interface (Barrier Breaker and later only) | | ||
| - | | ''ip6prefix'' | ipv6 prefix | no | //(none)// | Routed IPv6 prefix for downstream interfaces (Barrier Breaker and later only) | | + | | ''ip6hint'' | prefix hint (hex) | no | //(none)// | Hint the subprefix that should be delegeted as hexadecimal number (Barrier Breaker and later only) | |
| + | | ''ip6prefix'' | ipv6 prefix | no | //(none)// | IPv6 prefix routed here for use on other interfaces (Barrier Breaker and later only) | | ||
| | ''dns'' | list of ip addresses | no | //(none)// | DNS server(s) | | | ''dns'' | list of ip addresses | no | //(none)// | DNS server(s) | | ||
| | ''metric'' | integer | no | ''0'' | Specifies the default route metric to use | | | ''metric'' | integer | no | ''0'' | Specifies the default route metric to use | | ||
| Line 172: | Line 173: | ||
| ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ||
| | ''reqaddress'' | [try,force,none] | no | try | Behaviour for requesting addresses | | | ''reqaddress'' | [try,force,none] | no | try | Behaviour for requesting addresses | | ||
| - | | ''reqprefix'' | [auto,no,0-64] | no | auto | Behaviour for requesting prefixes (numbers denote hinted prefix length) | | + | | ''reqprefix'' | [auto,no,0-64] | no | auto | Behaviour for requesting prefixes (numbers denote hinted prefix length). Use 'no' if you only want a single IPv6 address for the AP itself without a subnet for routing | |
| | ''clientid'' | string | no | //system default// | Override client identifier in DHCP requests | | | ''clientid'' | string | no | //system default// | Override client identifier in DHCP requests | | ||
| | ''dns'' | list of ip addresses | no | //(none)// | Supplement DHCP-assigned DNS server(s), or use only these if peerdns is 0 | | | ''dns'' | list of ip addresses | no | //(none)// | Supplement DHCP-assigned DNS server(s), or use only these if peerdns is 0 | | ||
| Line 178: | Line 179: | ||
| | ''reqopts'' | list of numbers | no | //(none)// | Specifies a list of additional DHCP options to request | | | ''reqopts'' | list of numbers | no | //(none)// | Specifies a list of additional DHCP options to request | | ||
| | ''noslaaconly'' | boolean | no | ''0'' | Don't allow configuration via SLAAC (RAs) only (implied by reqprefix != no) | | | ''noslaaconly'' | boolean | no | ''0'' | Don't allow configuration via SLAAC (RAs) only (implied by reqprefix != no) | | ||
| + | | ''norelease'' | boolean | no | ''0'' | Don't send a RELEASE when the interface is brought down | | ||
| | ''ip6prefix'' | ipv6 prefix | no | //(none)// | Use an (additional) user-provided IPv6 prefix for distribution to clients | | | ''ip6prefix'' | ipv6 prefix | no | //(none)// | Use an (additional) user-provided IPv6 prefix for distribution to clients | | ||
| Line 283: | Line 285: | ||
| | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | ||
| | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | ||
| - | | ''wan_device'' | string | no | //(none)// | Interface from where client IPv4 endpoint address is derived (used for endpoint update)| | ||
| | ''tunnelid'' | integer | no | //(none)// | HE.net global tunnel ID (used for endpoint update) | | | ''tunnelid'' | integer | no | //(none)// | HE.net global tunnel ID (used for endpoint update) | | ||
| | ''username'' | string | no | //(none)// | HE.net user ID (used for endpoint update) | | | ''username'' | string | no | //(none)// | HE.net user ID (used for endpoint update) | | ||
| Line 301: | Line 302: | ||
| | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | ||
| | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | ||
| - | | ''adv_interface'' | string | no | ''lan'' | The //logical interface name// of the network the subnet should be advertised on. Multiple interface names can be given. | | ||
| - | | ''adv_subnet'' | hex number | no | ''1'' | A subnet ID between ''1'' and ''FFFF'' which selects the advertised /64 prefix from the mapped 6to4 space. The subnet ID is incremented by 1 for every interface specified in ''adv_interface''. | | ||
| - | | ''adv_valid_lifetime'' | integer | no | ''300'' | Overrides the advertised valid prefix lifetime, in seconds (see also [[doc:uci:radvd#prefix|radvd prefix options]]) | | ||
| - | | ''adv_preferred_lifetime'' | integer | no | ''120'' | Overrides the advertised preferred prefix lifetime, in seconds (see also [[doc:uci:radvd#prefix|radvd prefix options]]) | | ||
| | ''metric'' | integer | no | ''0'' | Specifies the default route metric to use | | | ''metric'' | integer | no | ''0'' | Specifies the default route metric to use | | ||
| + | | ''adv_interface'' | string | no | ''lan'' | (deprecated) The //logical interface name// of the network the subnet should be advertised on. Multiple interface names can be given. | | ||
| + | | ''adv_subnet'' | hex number | no | ''1'' | (deprecated) A subnet ID between ''1'' and ''FFFF'' which selects the advertised /64 prefix from the mapped 6to4 space. The subnet ID is incremented by 1 for every interface specified in ''adv_interface''. | | ||
| + | | ''adv_valid_lifetime'' | integer | no | ''300'' | (deprecated) Overrides the advertised valid prefix lifetime, in seconds (see also [[doc:uci:radvd#prefix|radvd prefix options]]) | | ||
| + | | ''adv_preferred_lifetime'' | integer | no | ''120'' | (deprecated) Overrides the advertised preferred prefix lifetime, in seconds (see also [[doc:uci:radvd#prefix|radvd prefix options]]) | | ||
| **Note:** This protocol type does not need an ''ifname'' option set in the interface section. The interface name is derived from the section name, e.g. ''config interface wan6'' would result in an interface named ''6to4-wan6''. \\ | **Note:** This protocol type does not need an ''ifname'' option set in the interface section. The interface name is derived from the section name, e.g. ''config interface wan6'' would result in an interface named ''6to4-wan6''. \\ | ||
| - | **Note:** If [[doc:uci:radvd|radvd]] is installed and enabled, the 6to4 scripts will add a temporary prefix and interface declaration to the //radvd// uci configuration and perform a daemon restart if required. | + | **Note:** If [[doc:uci:radvd|radvd]] is installed and enabled, the 6to4 scripts will add a temporary prefix and interface declaration to the //radvd// uci configuration and perform a daemon restart if required. (deprecated) |
| + | |||
| + | |||
| + | === Protocol "6rd" (IPv6 rapid deployment) === | ||
| + | |||
| + | :!: The package ''6rd'' must be installed to use this protocol. | ||
| + | |||
| + | ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ||
| + | | ''peeraddr'' | IPv4 address | yes | no | 6rd - Gateway | | ||
| + | | ''ipaddr'' | IPv4 address | no | Current WAN IPv4 address | Local IPv4 endpoint address | | ||
| + | | ''ip6prefix'' | IPv6 prefix (without length) | yes | no | 6rd-IPv6 Prefix | | ||
| + | | ''ip6prefixlen'' | IPv6 prefix length | yes | no | 6rd-IPv6 Prefix length | | ||
| + | | ''ip4prefixlen'' | IPv6 prefix length | no | 0 | IPv4 common prefix | | ||
| + | | ''defaultroute'' | boolean | no | ''1'' | Whether to create an IPv6 default route over the tunnel | | ||
| + | | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | ||
| + | | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | ||
| + | |||
| + | **Note:** This protocol type does not need an ''ifname'' option set in the interface section. The interface name is derived from the section name, e.g. ''config interface wan6'' would result in an interface named ''6rd-wan6''. | ||
| + | |||
| + | |||
| + | === Protocol "dslite" (Dual-Stack Lite) === | ||
| + | |||
| + | :!: The package ''ds-lite'' must be installed to use this protocol. | ||
| + | |||
| + | ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ||
| + | | ''peeraddr'' | IPv6 address | yes | no | DS-Lite AFTR address | | ||
| + | | ''ip6addr'' | IPv6 address | no | Current WAN IPv6 address | Local IPv6 endpoint address | | ||
| + | | ''tunlink'' | Logical Interface | no | Current WAN interface | Tunnel base interface | | ||
| + | | ''defaultroute'' | boolean | no | ''1'' | Whether to create an IPv6 default route over the tunnel | | ||
| + | | ''ttl'' | integer | no | ''64'' | TTL used for the tunnel interface | | ||
| + | | ''mtu'' | integer | no | ''1280'' | MTU used for the tunnel interface | | ||
| + | |||
| + | **Note:** This protocol type does not need an ''ifname'' option set in the interface section. The interface name is derived from the section name, e.g. ''config interface wan6'' would result in an interface named ''dslite-wan6''. | ||
| Line 438: | Line 471: | ||
| | ''metric'' | number | no | ''0'' | Specifies the //route metric// to use | | | ''metric'' | number | no | ''0'' | Specifies the //route metric// to use | | ||
| | ''mtu'' | number | no | //interface MTU// | Defines a specific MTU for this route | | | ''mtu'' | number | no | //interface MTU// | Defines a specific MTU for this route | | ||
| + | |||
| ==== IPv6 Routes ==== | ==== IPv6 Routes ==== | ||
| Line 461: | Line 495: | ||
| | ''metric'' | number | no | ''0'' | Specifies the //route metric// to use | | | ''metric'' | number | no | ''0'' | Specifies the //route metric// to use | | ||
| | ''mtu'' | number | no | //interface MTU// | Defines a specific MTU for this route | | | ''mtu'' | number | no | //interface MTU// | Defines a specific MTU for this route | | ||
| + | |||
| + | ==== IP rules ==== | ||
| + | |||
| + | Since OpenWrt Barrier Braker, netifd supports //IP rule// declarations which are required to implement policy routing. \\ | ||
| + | IPv4 rules can be defined by declaring one or more sections of type ''rule'', IPv6 rules are denoted by sections of type ''rule6''. Both types share the same set of defined options. | ||
| + | |||
| + | A simple IPv4 rule may look like: | ||
| + | |||
| + | <code>config rule | ||
| + | option mark '0xFF' | ||
| + | option in 'lan' | ||
| + | option dest '172.16.0.0/16' | ||
| + | option lookup '100'</code> | ||
| + | |||
| + | * ''0xFF'' is a [[http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html|fwmark]] to be matched | ||
| + | * ''lan'' is the incoming //logical interface name// | ||
| + | * ''172.16.0.0/16'' is the destination subnet to match | ||
| + | * ''100'' is the routing table ID to use for the matched traffic | ||
| + | |||
| + | Similary, an IPv6 rule looks like: | ||
| + | |||
| + | <code>config rule6 | ||
| + | option in 'vpn' | ||
| + | option dest 'fdca:1234::/64' | ||
| + | option action 'prohibit'</code> | ||
| + | |||
| + | * ''vpn'' is the incoming //logical interface name// | ||
| + | * ''fdca:1234::/64'' is the destination subnet to match | ||
| + | * ''prohibit'' is a routign action to take | ||
| + | |||
| + | The options below are defined for //IP rule// (''rule'' and ''rule6'') sections: | ||
| + | |||
| + | ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ||
| + | | ''in'' | string | no | //(none)// | Specifies the incoming //logical interface name// | | ||
| + | | ''out'' | string | no | //(none)// | Specifies the outgoing //logical interface name// | | ||
| + | | ''src'' | ip subnet | no | //(none)// | Specifies the source subnet to match (CIDR notation) | | ||
| + | | ''dest'' | ip subnet | no | //(none)// | Specifies the destination subnet to match (CIDR notation) | | ||
| + | | ''tos'' | integer | no | //(none)// | Specifies the TOS value to match in IP headers | | ||
| + | | ''mark'' | mark/mask | no | //(none)// | Specifies the //fwmark// and optionally its mask to match, e.g. ''0xFF'' to match mark 255 or ''0x0/0x1'' to match any even mark value | | ||
| + | | ''invert'' | boolean | no | ''0'' | If set to ''1'', the meaning of the match options is inverted | | ||
| + | | ''priority'' | integer | no | //(incrementing)// | Controls the order of the IP rules, by default the priority is auto-assigned so that they are processed in the same order they're declared in the config file | | ||
| + | | ''lookup'' | routing table | at least one of | //(none)// | The rule target is a table lookup, the ID can be either a numeric table index ranging from ''0'' to ''65535'' or a symbolic alias declared in ''/etc/iproute2/rt_tables''. The special aliases ''local'' (''255''), ''main'' (''254'') and ''default'' (''253'') are recognized as well | | ||
| + | | ''goto'' | rule index | ::: | ::: | The rule target is a jump to another rule specified by its ''priority'' value | | ||
| + | | ''action'' | string | ::: | ::: | The rule target is one of the routing actions outlined in the table below | | ||
| + | |||
| + | === Routing Actions === | ||
| + | |||
| + | ^ Action ^ Description ^ | ||
| + | | ''prohibit'' | When reaching the rule, respond with //ICMP prohibited// messages and abort route lookup | | ||
| + | | ''unreachable'' | When reaching the rule, respond with //ICMP unreachable// messages and abort route lookup | | ||
| + | | ''blackhole'' | When reaching the rule, drop packet and abort route lookup | | ||
| + | | ''throw'' | Stop lookup in the current routing table even if a default route exists | | ||
| ===== Examples ===== | ===== Examples ===== | ||
| Line 532: | Line 618: | ||
| option 'output' 'ACCEPT' | option 'output' 'ACCEPT' | ||
| option 'masq' '1'</code> | option 'masq' '1'</code> | ||
| + | |||
| + | ==== PPPoA ADSL internet connection ==== | ||
| + | |||
| + | <code>config adsl-device 'adsl' | ||
| + | option fwannex 'a' | ||
| + | option annex 'a' | ||
| + | |||
| + | config interface 'wan' | ||
| + | option proto 'pppoa' | ||
| + | option username 'jbloggs@plusdsl.net' | ||
| + | option password 'XXXXXXXXX' | ||
| + | option vpi '0' | ||
| + | option vci '38' | ||
| + | option encaps 'vc'</code> | ||
| + | |||
| ==== Static IPv6-in-IPv4 tunnel ==== | ==== Static IPv6-in-IPv4 tunnel ==== | ||
doc/uci/network.1360657967.txt.bz2 · Last modified: 2013/02/12 09:32 by steven