ifstate.yaml (SchemaStore) JSON Schema

Type	object
File match	`ifstate.yaml` `**/ifstate/config.yml`
Schema URL	https://catalog.lintel.tools/schemas/schemastore/ifstate-yaml/latest.json
Source	https://ifstate.net/schema/2/ifstate.conf.schema.json

Versions

0.6 0.7 0.8 0.9 1.0 1.1 1.10 1.11 1.12 1.13 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 2.0 2.1

Validate with Lintel

npx @lintel/lintel check

Type: object

IfState 2.2 Configuration Schema

Properties

interfaces object required

dictionary of interfaces related settings, the name of the interface needs to be specified as key

parameters object

adjust the implicit behaviour of ifstate

5 nested properties

cshaper object

cshaper templates

defaults object[]

default settings for configured interfaces

defaults_builtin object[]

default settings for configured interfaces

hooks object

hooks are executed on interface configuration and can be used to spawn commands like DHCP client, wpa_supplicant or pppd.

ignore object

ignore patterns to skip interface, ip address or routing objects

12 nested properties

ipaddr_builtin string | object[]

list of ip address prefixes to be ignored

ipaddr string | object[]

list of ip address prefixes to be ignored

ipaddr_dynamic boolean

ignore dynamic assigned ip addresses

Default: true

ifname_builtin string[]

interface names matching this list of regex will be ignored

ifname string[]

interface names matching this list of regex will be ignored

fdb_builtin string[]

fdb entries matching this list of regex will be ignored

fdb string[]

fdb entries matching this list of regex will be ignored

routes_builtin object[]

filter routes by options

routes object[]

filter routes by options

rules_builtin object[]

filter rules by options

rules object[]

filter rules by options

netns string[]

netns namespaces matching this list of regex will be ignored

bpf object

load and pin eBPF programs (i.e. for XDP)

routing object

2 nested properties

routes object[]

rules object[]

sysctl object

network sysctl settings

4 nested properties

all object

overrides per interface sysctl settings in /proc/sys/net/ipv*/conf/all/

2 nested properties

ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

32 nested properties

accept_local integer

accept_redirects integer

accept_source_route integer

arp_accept integer

arp_announce integer

arp_filter integer

arp_ignore integer

arp_notify integer

bc_forwarding integer

bootp_relay integer

disable_policy integer

disable_xfrm integer

drop_gratuitous_arp integer

drop_unicast_in_l2_multicast integer

force_igmp_version integer

forwarding integer

igmpv2_unsolicited_report_interval integer

igmpv3_unsolicited_report_interval integer

ignore_routes_with_linkdown integer

log_martians integer

mc_forwarding integer

medium_id integer

promote_secondaries integer

proxy_arp integer

proxy_arp_pvlan integer

route_localnet integer

rp_filter integer

secure_redirects integer

send_redirects integer

shared_media integer

src_valid_mark integer

tag integer

ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

51 nested properties

accept_dad integer

accept_ra integer

accept_ra_defrtr integer

accept_ra_from_local integer

accept_ra_min_hop_limit integer

accept_ra_mtu integer

accept_ra_pinfo integer

accept_ra_rt_info_max_plen integer

accept_ra_rt_info_min_plen integer

accept_ra_rtr_pref integer

accept_redirects integer

accept_source_route integer

addr_gen_mode integer

autoconf integer

dad_transmits integer

disable_ipv6 integer

disable_policy integer

drop_unicast_in_l2_multicast integer

drop_unsolicited_na integer

enhanced_dad integer

force_mld_version integer

force_tllao integer

forwarding integer

hop_limit integer

ignore_routes_with_linkdown integer

keep_addr_on_down integer

max_addresses integer

max_desync_factor integer

mc_forwarding integer

mldv1_unsolicited_report_interval integer

mldv2_unsolicited_report_interval integer

mtu integer

ndisc_notify integer

ndisc_tclass integer

optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer

regen_max_retry integer

router_probe_interval integer

router_solicitation_delay integer

router_solicitation_interval integer

router_solicitation_max_interval integer

router_solicitations integer

seg6_enabled integer

seg6_require_hmac integer

stable_secret string

format=ipv6

suppress_frag_ndisc integer

temp_prefered_lft integer

temp_valid_lft integer

use_oif_addrs_only integer

use_optimistic integer

use_tempaddr integer

default object

default per interface sysctl settings in /proc/sys/net/ipv*/conf/default/

2 nested properties

ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

32 nested properties

accept_local integer

accept_redirects integer

accept_source_route integer

arp_accept integer

arp_announce integer

arp_filter integer

arp_ignore integer

arp_notify integer

bc_forwarding integer

bootp_relay integer

disable_policy integer

disable_xfrm integer

drop_gratuitous_arp integer

drop_unicast_in_l2_multicast integer

force_igmp_version integer

forwarding integer

igmpv2_unsolicited_report_interval integer

igmpv3_unsolicited_report_interval integer

ignore_routes_with_linkdown integer

log_martians integer

mc_forwarding integer

medium_id integer

promote_secondaries integer

proxy_arp integer

proxy_arp_pvlan integer

route_localnet integer

rp_filter integer

secure_redirects integer

send_redirects integer

shared_media integer

src_valid_mark integer

tag integer

ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

51 nested properties

accept_dad integer

accept_ra integer

accept_ra_defrtr integer

accept_ra_from_local integer

accept_ra_min_hop_limit integer

accept_ra_mtu integer

accept_ra_pinfo integer

accept_ra_rt_info_max_plen integer

accept_ra_rt_info_min_plen integer

accept_ra_rtr_pref integer

accept_redirects integer

accept_source_route integer

addr_gen_mode integer

autoconf integer

dad_transmits integer

disable_ipv6 integer

disable_policy integer

drop_unicast_in_l2_multicast integer

drop_unsolicited_na integer

enhanced_dad integer

force_mld_version integer

force_tllao integer

forwarding integer

hop_limit integer

ignore_routes_with_linkdown integer

keep_addr_on_down integer

max_addresses integer

max_desync_factor integer

mc_forwarding integer

mldv1_unsolicited_report_interval integer

mldv2_unsolicited_report_interval integer

mtu integer

ndisc_notify integer

ndisc_tclass integer

optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer

regen_max_retry integer

router_probe_interval integer

router_solicitation_delay integer

router_solicitation_interval integer

router_solicitation_max_interval integer

router_solicitations integer

seg6_enabled integer

seg6_require_hmac integer

stable_secret string

format=ipv6

suppress_frag_ndisc integer

temp_prefered_lft integer

temp_valid_lft integer

use_oif_addrs_only integer

use_optimistic integer

use_tempaddr integer

mpls object

MPLS sysctl settings in /proc/sys/net/mpls/

3 nested properties

platform_labels integer

number of entries in the platform label table

min=0max=1048575

ip_ttl_propagate integer

control whether TTL is propagated

min=0max=1

default_ttl integer

default TTL value to use for MPLS packets

min=1max=255

mptcp object

Multipath TCP sysctl settings in /proc/sys/net/mptcp/

11 nested properties

add_addr_timeout integer

timeout in seconds after which an ADD_ADDR control message will be resent

Default: 120

min=-8589934max=8589934

allow_join_initial_addr_port boolean

allow peers to send join requests to the IP address and port number used by the initial subflow

Default: true

blackhole_timeout integer

initial time period in second to disable MPTCP on active MPTCP sockets when a MPTCP firewall blackhole issue happens

Default: 3600

min=0max=2147483647

checksum_enabled boolean

control whether DSS checksum can be enabled

Default: false

close_timeout integer

set the make-after-break timeout

Default: 60

min=-8589934max=8589934

enabled boolean

control whether MPTCP sockets can be created

Default: true

path_manager string

control whether MPTCP sockets can be created

Default: "kernel"

Values: "kernel" "userspace"

pm_type integer

set the default path manager type to use for each new MPTCP socket

Values: 0 1

scheduler string

select the scheduler of your choice

Default: "default"

stale_loss_cnt integer

number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale

Default: 4

min=0max=4294967295

syn_retrans_before_tcp_fallback integer

number of SYN + MP_CAPABLE retransmissions before falling back to TCP

Default: 2

min=0

namespaces object

Definitions

condition-vrrp object

configure depending on vrrp status

name string required

related vrrp INSTANCE or GROUP name

type string required

failover type

Values: "instance" "group"

states array required

states at which the interface should be configured

ignore-fdb string[]

fdb entries matching this list of regex will be ignored

ignore-ipaddr string | object[]

list of ip address prefixes to be ignored

ignore-ifname string[]

interface names matching this list of regex will be ignored

ignore-routes object[]

filter routes by options

ignore-rules object[]

filter rules by options

iface-name string

iface-ethtool object

network driver and hardware settings via ethtool(8)

pause object

pause parameters

3 nested properties

autoneg boolean | string

Values: "on" "off" true false

rx boolean | string

Values: "on" "off" true false

tx boolean | string

Values: "on" "off" true false

coalesce object

interrupt coalescing

22 nested properties

adaptive-rx boolean | string

Values: "on" "off" true false

adaptive-tx boolean | string

Values: "on" "off" true false

rx-usecs integer

rx-frames integer

rx-usecs-irq integer

rx-frames-irq integer

tx-usecs integer

tx-frames integer

tx-usecs-irq integer

tx-frames-irq integer

stats-block-usecs integer

pkt-rate-low integer

rx-usecs-low integer

rx-frames-low integer

tx-usecs-low integer

tx-frames-low integer

pkt-rate-high integer

rx-usecs-high integer

rx-frames-high integer

tx-usecs-high integer

tx-frames-high integer

sample-interval integer

ring object

rx/tx ring parameters

4 nested properties

rx integer

number of ring entries for the Rx ring

rx-mmini integer

number of ring entries for the Rx Mini ring

rx-jumbo integer

number of ring entries for the Rx Jumbo ring

tx integer

number of ring entries for the Tx ring

features object

offload parameters and other features

12 nested properties

rx boolean | string

Values: "on" "off" true false

tx boolean | string

Values: "on" "off" true false

sg boolean | string

Values: "on" "off" true false

tso boolean | string

Values: "on" "off" true false

ufo boolean | string

Values: "on" "off" true false

gso boolean | string

Values: "on" "off" true false

gro boolean | string

Values: "on" "off" true false

lro boolean | string

Values: "on" "off" true false

rxvlan boolean | string

Values: "on" "off" true false

txvlan boolean | string

Values: "on" "off" true false

ntuple boolean | string

Values: "on" "off" true false

rxhash boolean | string

Values: "on" "off" true false

change object

device settings

11 nested properties

speed integer

speed in Mbps

duplex string

full or half duplex mode

Values: "half" "full"

port string

device port selection

Values: "tp" "aui" "bnc" "mii"

mdix boolean | string

MDI-X mode for port

Values: "auto" "on" "off" true false

autoneg boolean | string

Values: "on" "off" true false

advertise integer

speed and duplex advertised by autonegotation

phyad integer

PHY address

xcvr string

transceiver type

Values: "internal" "external"

wol string

Wake-on-LAN options

pattern=^[pumbagsfd]+$

sopass string

SecureOn™ password

pattern=^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$

msglvl integer | array

driver message flags

channels object

number of channels

4 nested properties

rx integer

number of channels with only receive queues

tx integer

number of channels with only transmit queues

other integer

number of channels used only for other purposes

combined integer

number of multi-purpose channels

eee object

Energy-Efficient Ethernet (according to the IEEE 802.3az specifications)

4 nested properties

eee boolean | string

Values: "on" "off" true false

tx-lpi boolean | string

Values: "on" "off" true false

advertise integer

sets the speed for which EEE should be enabled (see also change.advertise)

tx-timer integer

amount of idle time prior asserting Tx LPI (in microseconds)

phy-tunable object

PHY tunable parameters

3 nested properties

downshift iface-ethtool_onoff | array

enable downshift

fast-link-down iface-ethtool_onoff | array

enable Fast Link Down

energy-detect-power-down iface-ethtool_onoff | array

enable Energy Detect Power Down (EDPD)

priv-flags object

private flags

fec object

Forward Error Correction

1 nested properties

encoding string | array

FEC encoding

Values: "auto" "off" "RS" "BaseR" "LLRS"

iface-link_address string

link mac address (xx:xx:xx:xx:xx:xx)

iface-link_bind-netns string | null

specifies the netns name or null where the tunnel or underlay should be bind, if not set the binding will happen in the netns namespace of the link

iface-link_group integer | string

specifies a device group name or index

iface-link_link integer | string

specifies the base link name or index

iface-link_link-netns string | null

specifies the base link's netns name or null if the link isn't in a netns namespace

iface-link_master integer | string | null

specifies a master device name or index, use null to remove the master

iface-link_master-netns string | null

specifies the master's netns name or null if the master isn't in a netns namespace

iface-link_mtu integer

change the mtu of the device

iface-link_state string

set device state

iface-link_txqlen integer

the transmit queue length of the device

iface-link_ifalias null | string

symbolic name for easy reference

iface-link_tun-remote4 string

remote IPv4 address of the tunnel

iface-link_tun-local4 string

local IPv4 address of the tunnel

iface-link_tun-remote6 string

remote IPv4 address of the tunnel

iface-link_tun-local6 string

local IPv4 address of the tunnel

iface-link_tun-dev integer | string

specifies the base link name or index

iface-sysctl-ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

accept_local integer

accept_redirects integer

accept_source_route integer

arp_accept integer

arp_announce integer

arp_filter integer

arp_ignore integer

arp_notify integer

bc_forwarding integer

bootp_relay integer

disable_policy integer

disable_xfrm integer

drop_gratuitous_arp integer

drop_unicast_in_l2_multicast integer

force_igmp_version integer

forwarding integer

igmpv2_unsolicited_report_interval integer

igmpv3_unsolicited_report_interval integer

ignore_routes_with_linkdown integer

log_martians integer

mc_forwarding integer

medium_id integer

promote_secondaries integer

proxy_arp integer

proxy_arp_pvlan integer

route_localnet integer

rp_filter integer

secure_redirects integer

send_redirects integer

shared_media integer

src_valid_mark integer

tag integer

iface-sysctl-ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

accept_dad integer

accept_ra integer

accept_ra_defrtr integer

accept_ra_from_local integer

accept_ra_min_hop_limit integer

accept_ra_mtu integer

accept_ra_pinfo integer

accept_ra_rt_info_max_plen integer

accept_ra_rt_info_min_plen integer

accept_ra_rtr_pref integer

accept_redirects integer

accept_source_route integer

addr_gen_mode integer

autoconf integer

dad_transmits integer

disable_ipv6 integer

disable_policy integer

drop_unicast_in_l2_multicast integer

drop_unsolicited_na integer

enhanced_dad integer

force_mld_version integer

force_tllao integer

forwarding integer

hop_limit integer

ignore_routes_with_linkdown integer

keep_addr_on_down integer

max_addresses integer

max_desync_factor integer

mc_forwarding integer

mldv1_unsolicited_report_interval integer

mldv2_unsolicited_report_interval integer

mtu integer

ndisc_notify integer

ndisc_tclass integer

optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer

regen_max_retry integer

router_probe_interval integer

router_solicitation_delay integer

router_solicitation_interval integer

router_solicitation_max_interval integer

router_solicitations integer

seg6_enabled integer

seg6_require_hmac integer

stable_secret string

format=ipv6

suppress_frag_ndisc integer

temp_prefered_lft integer

temp_valid_lft integer

use_oif_addrs_only integer

use_optimistic integer

use_tempaddr integer

iface-sysctl-mpls object

MPLS sysctl settings in /proc/sys/net/mpls/

platform_labels integer

number of entries in the platform label table

min=0max=1048575

ip_ttl_propagate integer

control whether TTL is propagated

min=0max=1

default_ttl integer

default TTL value to use for MPLS packets

min=1max=255

iface-sysctl-mpls-link object

MPLS interface sysctl settings in /proc/sys/net/mpls/<interface>/

input integer

control whether packets can be input on this interface

min=0max=1

iface-sysctl-mptcp object

Multipath TCP sysctl settings in /proc/sys/net/mptcp/

add_addr_timeout integer

timeout in seconds after which an ADD_ADDR control message will be resent

Default: 120

min=-8589934max=8589934

allow_join_initial_addr_port boolean

allow peers to send join requests to the IP address and port number used by the initial subflow

Default: true

blackhole_timeout integer

initial time period in second to disable MPTCP on active MPTCP sockets when a MPTCP firewall blackhole issue happens

Default: 3600

min=0max=2147483647

checksum_enabled boolean

control whether DSS checksum can be enabled

Default: false

close_timeout integer

set the make-after-break timeout

Default: 60

min=-8589934max=8589934

enabled boolean

control whether MPTCP sockets can be created

Default: true

path_manager string

control whether MPTCP sockets can be created

Default: "kernel"

Values: "kernel" "userspace"

pm_type integer

set the default path manager type to use for each new MPTCP socket

Values: 0 1

scheduler string

select the scheduler of your choice

Default: "default"

stale_loss_cnt integer

number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale

Default: 4

min=0max=4294967295

syn_retrans_before_tcp_fallback integer

number of SYN + MP_CAPABLE retransmissions before falling back to TCP

Default: 2

min=0

iface-ethtool_onoff boolean | string

iface-tc_qid string

qdisc id

iface-tc_protocol string | integer

protocol selector

iface-tc_prio integer

priority

iface-tc_qdisc object

traffic control queueing discipline

handle string required

qdisc id

format=^(root|[0-9a-f]+:[0-9a-f]*)$

tc-cake object

cake - common applications kept enhanced (CAKE)

kind const: "cake" required

qdisk type

Constant: "cake"

handle string

qdisc id

format=^(root|[0-9a-f]+:[0-9a-f]*)$

ack_filter boolean | string

ACKnowledge filter

Values: "aggressive" true false

atm_mode boolean | string

ATM mode

Values: "ptm" true false

autorate boolean

autorate-ingress

diffserv_mode string

diffserv mode

Values: "diffserv3" "diffserv4" "diffserv8" "besteffort" "precedence"

ingress boolean

ingress

overhead integer

overhead

min=-64max=256

flow_mode string

flow mode

Values: "flowblind" "srchost" "dsthost" "hosts" "flows" "dual-srchost" "dual-dsthost" "triple-isolated"

fwmark integer

fwmark

min=0

memlimit integer

memlimit

min=0

mpu integer

MPU

min=0max=256

nat boolean

NAT

raw boolean

RAW

rtt string | integer

split_gso boolean

split GSO

target integer

target

min=1

wash boolean

wash

iface-tc_action object[]

traffic control filter action

xdp_mode