ifstate.yaml

2.1

Schema URL

https://catalog.lintel.tools/schemas/schemastore/ifstate-yaml/versions/2.1.json
← Back to ifstate.yaml
Type: object

IfState 2.1 Configuration Schema

Properties

interfaces object required

dictionary of interfaces related settings, the name of the interface needs to be specified as key

parameters object

adjust the implicit behaviour of ifstate

5 nested properties
cshaper object

cshaper templates

defaults object[]

default settings for configured interfaces

defaults_builtin object[]

default settings for configured interfaces

hooks object

hooks are executed on interface configuration and can be used to spawn commands like DHCP client, wpa_supplicant or pppd.

ignore object

ignore patterns to skip interface, ip address or routing objects

12 nested properties
ipaddr_builtin string | object[]

list of ip address prefixes to be ignored

ipaddr string | object[]

list of ip address prefixes to be ignored

ipaddr_dynamic boolean

ignore dynamic assigned ip addresses

Default: true
ifname_builtin string[]

interface names matching this list of regex will be ignored

ifname string[]

interface names matching this list of regex will be ignored

fdb_builtin string[]

fdb entries matching this list of regex will be ignored

fdb string[]

fdb entries matching this list of regex will be ignored

routes_builtin object[]

filter routes by options

routes object[]

filter routes by options

rules_builtin object[]

filter rules by options

rules object[]

filter rules by options

netns string[]

netns namespaces matching this list of regex will be ignored

bpf object

load and pin eBPF programs (i.e. for XDP)

routing object
2 nested properties
routes object[]
rules object[]
sysctl object

network sysctl settings

4 nested properties
all object

overrides per interface sysctl settings in /proc/sys/net/ipv*/conf/all/

2 nested properties
ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

32 nested properties
accept_local integer
accept_redirects integer
accept_source_route integer
arp_accept integer
arp_announce integer
arp_filter integer
arp_ignore integer
arp_notify integer
bc_forwarding integer
bootp_relay integer
disable_policy integer
disable_xfrm integer
drop_gratuitous_arp integer
drop_unicast_in_l2_multicast integer
force_igmp_version integer
forwarding integer
igmpv2_unsolicited_report_interval integer
igmpv3_unsolicited_report_interval integer
ignore_routes_with_linkdown integer
log_martians integer
mc_forwarding integer
medium_id integer
promote_secondaries integer
proxy_arp integer
proxy_arp_pvlan integer
route_localnet integer
rp_filter integer
secure_redirects integer
send_redirects integer
shared_media integer
src_valid_mark integer
tag integer
ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

51 nested properties
accept_dad integer
accept_ra integer
accept_ra_defrtr integer
accept_ra_from_local integer
accept_ra_min_hop_limit integer
accept_ra_mtu integer
accept_ra_pinfo integer
accept_ra_rt_info_max_plen integer
accept_ra_rt_info_min_plen integer
accept_ra_rtr_pref integer
accept_redirects integer
accept_source_route integer
addr_gen_mode integer
autoconf integer
dad_transmits integer
disable_ipv6 integer
disable_policy integer
drop_unicast_in_l2_multicast integer
drop_unsolicited_na integer
enhanced_dad integer
force_mld_version integer
force_tllao integer
forwarding integer
hop_limit integer
ignore_routes_with_linkdown integer
keep_addr_on_down integer
max_addresses integer
max_desync_factor integer
mc_forwarding integer
mldv1_unsolicited_report_interval integer
mldv2_unsolicited_report_interval integer
mtu integer
ndisc_notify integer
ndisc_tclass integer
optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer
regen_max_retry integer
router_probe_interval integer
router_solicitation_delay integer
router_solicitation_interval integer
router_solicitation_max_interval integer
router_solicitations integer
seg6_enabled integer
seg6_require_hmac integer
stable_secret string
format=ipv6
suppress_frag_ndisc integer
temp_prefered_lft integer
temp_valid_lft integer
use_oif_addrs_only integer
use_optimistic integer
use_tempaddr integer
default object

default per interface sysctl settings in /proc/sys/net/ipv*/conf/default/

2 nested properties
ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

32 nested properties
accept_local integer
accept_redirects integer
accept_source_route integer
arp_accept integer
arp_announce integer
arp_filter integer
arp_ignore integer
arp_notify integer
bc_forwarding integer
bootp_relay integer
disable_policy integer
disable_xfrm integer
drop_gratuitous_arp integer
drop_unicast_in_l2_multicast integer
force_igmp_version integer
forwarding integer
igmpv2_unsolicited_report_interval integer
igmpv3_unsolicited_report_interval integer
ignore_routes_with_linkdown integer
log_martians integer
mc_forwarding integer
medium_id integer
promote_secondaries integer
proxy_arp integer
proxy_arp_pvlan integer
route_localnet integer
rp_filter integer
secure_redirects integer
send_redirects integer
shared_media integer
src_valid_mark integer
tag integer
ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

51 nested properties
accept_dad integer
accept_ra integer
accept_ra_defrtr integer
accept_ra_from_local integer
accept_ra_min_hop_limit integer
accept_ra_mtu integer
accept_ra_pinfo integer
accept_ra_rt_info_max_plen integer
accept_ra_rt_info_min_plen integer
accept_ra_rtr_pref integer
accept_redirects integer
accept_source_route integer
addr_gen_mode integer
autoconf integer
dad_transmits integer
disable_ipv6 integer
disable_policy integer
drop_unicast_in_l2_multicast integer
drop_unsolicited_na integer
enhanced_dad integer
force_mld_version integer
force_tllao integer
forwarding integer
hop_limit integer
ignore_routes_with_linkdown integer
keep_addr_on_down integer
max_addresses integer
max_desync_factor integer
mc_forwarding integer
mldv1_unsolicited_report_interval integer
mldv2_unsolicited_report_interval integer
mtu integer
ndisc_notify integer
ndisc_tclass integer
optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer
regen_max_retry integer
router_probe_interval integer
router_solicitation_delay integer
router_solicitation_interval integer
router_solicitation_max_interval integer
router_solicitations integer
seg6_enabled integer
seg6_require_hmac integer
stable_secret string
format=ipv6
suppress_frag_ndisc integer
temp_prefered_lft integer
temp_valid_lft integer
use_oif_addrs_only integer
use_optimistic integer
use_tempaddr integer
mpls object

MPLS sysctl settings in /proc/sys/net/mpls/

3 nested properties
platform_labels integer

number of entries in the platform label table

min=0max=1048575
ip_ttl_propagate integer

control whether TTL is propagated

min=0max=1
default_ttl integer

default TTL value to use for MPLS packets

min=1max=255
mptcp object

Multipath TCP sysctl settings in /proc/sys/net/mptcp/

11 nested properties
add_addr_timeout integer

timeout in seconds after which an ADD_ADDR control message will be resent

Default: 120
min=-8589934max=8589934
allow_join_initial_addr_port boolean

allow peers to send join requests to the IP address and port number used by the initial subflow

Default: true
blackhole_timeout integer

initial time period in second to disable MPTCP on active MPTCP sockets when a MPTCP firewall blackhole issue happens

Default: 3600
min=0max=2147483647
checksum_enabled boolean

control whether DSS checksum can be enabled

Default: false
close_timeout integer

set the make-after-break timeout

Default: 60
min=-8589934max=8589934
enabled boolean

control whether MPTCP sockets can be created

Default: true
path_manager string

control whether MPTCP sockets can be created

Default: "kernel"
Values: "kernel" "userspace"
pm_type integer

set the default path manager type to use for each new MPTCP socket

Values: 0 1
scheduler string

select the scheduler of your choice

Default: "default"
stale_loss_cnt integer

number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale

Default: 4
min=0max=4294967295
syn_retrans_before_tcp_fallback integer

number of SYN + MP_CAPABLE retransmissions before falling back to TCP

Default: 2
min=0
namespaces object

Definitions

condition-vrrp object

configure depending on vrrp status

name string required

related vrrp INSTANCE or GROUP name

type string required

failover type

Values: "instance" "group"
states array required

states at which the interface should be configured

ignore-fdb string[]

fdb entries matching this list of regex will be ignored

ignore-ipaddr string | object[]

list of ip address prefixes to be ignored

ignore-ifname string[]

interface names matching this list of regex will be ignored

ignore-routes object[]

filter routes by options

ignore-rules object[]

filter rules by options

iface-name string
iface-ethtool object

network driver and hardware settings via ethtool(8)

pause object

pause parameters

3 nested properties
autoneg boolean | string
Values: "on" "off" true false
rx boolean | string
Values: "on" "off" true false
tx boolean | string
Values: "on" "off" true false
coalesce object

interrupt coalescing

22 nested properties
adaptive-rx boolean | string
Values: "on" "off" true false
adaptive-tx boolean | string
Values: "on" "off" true false
rx-usecs integer
rx-frames integer
rx-usecs-irq integer
rx-frames-irq integer
tx-usecs integer
tx-frames integer
tx-usecs-irq integer
tx-frames-irq integer
stats-block-usecs integer
pkt-rate-low integer
rx-usecs-low integer
rx-frames-low integer
tx-usecs-low integer
tx-frames-low integer
pkt-rate-high integer
rx-usecs-high integer
rx-frames-high integer
tx-usecs-high integer
tx-frames-high integer
sample-interval integer
ring object

rx/tx ring parameters

4 nested properties
rx integer

number of ring entries for the Rx ring

rx-mmini integer

number of ring entries for the Rx Mini ring

rx-jumbo integer

number of ring entries for the Rx Jumbo ring

tx integer

number of ring entries for the Tx ring

features object

offload parameters and other features

12 nested properties
rx boolean | string
Values: "on" "off" true false
tx boolean | string
Values: "on" "off" true false
sg boolean | string
Values: "on" "off" true false
tso boolean | string
Values: "on" "off" true false
ufo boolean | string
Values: "on" "off" true false
gso boolean | string
Values: "on" "off" true false
gro boolean | string
Values: "on" "off" true false
lro boolean | string
Values: "on" "off" true false
rxvlan boolean | string
Values: "on" "off" true false
txvlan boolean | string
Values: "on" "off" true false
ntuple boolean | string
Values: "on" "off" true false
rxhash boolean | string
Values: "on" "off" true false
change object

device settings

11 nested properties
speed integer

speed in Mbps

duplex string

full or half duplex mode

Values: "half" "full"
port string

device port selection

Values: "tp" "aui" "bnc" "mii"
mdix boolean | string

MDI-X mode for port

Values: "auto" "on" "off" true false
autoneg boolean | string
Values: "on" "off" true false
advertise integer

speed and duplex advertised by autonegotation

phyad integer

PHY address

xcvr string

transceiver type

Values: "internal" "external"
wol string

Wake-on-LAN options

pattern=^[pumbagsfd]+$
sopass string

SecureOn™ password

pattern=^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$
msglvl integer | array

driver message flags

channels object

number of channels

4 nested properties
rx integer

number of channels with only receive queues

tx integer

number of channels with only transmit queues

other integer

number of channels used only for other purposes

combined integer

number of multi-purpose channels

eee object

Energy-Efficient Ethernet (according to the IEEE 802.3az specifications)

4 nested properties
eee boolean | string
Values: "on" "off" true false
tx-lpi boolean | string
Values: "on" "off" true false
advertise integer

sets the speed for which EEE should be enabled (see also change.advertise)

tx-timer integer

amount of idle time prior asserting Tx LPI (in microseconds)

phy-tunable object

PHY tunable parameters

3 nested properties
downshift iface-ethtool_onoff | array

enable downshift

fast-link-down iface-ethtool_onoff | array

enable Fast Link Down

energy-detect-power-down iface-ethtool_onoff | array

enable Energy Detect Power Down (EDPD)

priv-flags object

private flags

fec object

Forward Error Correction

1 nested properties
encoding string | array

FEC encoding

Values: "auto" "off" "RS" "BaseR" "LLRS"
iface-sysctl-ipv4 object

settings in /proc/sys/net/ipv4/<interface>/conf/

accept_local integer
accept_redirects integer
accept_source_route integer
arp_accept integer
arp_announce integer
arp_filter integer
arp_ignore integer
arp_notify integer
bc_forwarding integer
bootp_relay integer
disable_policy integer
disable_xfrm integer
drop_gratuitous_arp integer
drop_unicast_in_l2_multicast integer
force_igmp_version integer
forwarding integer
igmpv2_unsolicited_report_interval integer
igmpv3_unsolicited_report_interval integer
ignore_routes_with_linkdown integer
log_martians integer
mc_forwarding integer
medium_id integer
promote_secondaries integer
proxy_arp integer
proxy_arp_pvlan integer
route_localnet integer
rp_filter integer
secure_redirects integer
send_redirects integer
shared_media integer
src_valid_mark integer
tag integer
iface-sysctl-ipv6 object

settings in /proc/sys/net/ipv6/<interface>/conf/

accept_dad integer
accept_ra integer
accept_ra_defrtr integer
accept_ra_from_local integer
accept_ra_min_hop_limit integer
accept_ra_mtu integer
accept_ra_pinfo integer
accept_ra_rt_info_max_plen integer
accept_ra_rt_info_min_plen integer
accept_ra_rtr_pref integer
accept_redirects integer
accept_source_route integer
addr_gen_mode integer
autoconf integer
dad_transmits integer
disable_ipv6 integer
disable_policy integer
drop_unicast_in_l2_multicast integer
drop_unsolicited_na integer
enhanced_dad integer
force_mld_version integer
force_tllao integer
forwarding integer
hop_limit integer
ignore_routes_with_linkdown integer
keep_addr_on_down integer
max_addresses integer
max_desync_factor integer
mc_forwarding integer
mldv1_unsolicited_report_interval integer
mldv2_unsolicited_report_interval integer
mtu integer
ndisc_notify integer
ndisc_tclass integer
optimistic_dad integer

perform Optimistic Duplicate Address Detection (RFC 4429); This option is enabled by default in ifstate!

proxy_ndp integer
regen_max_retry integer
router_probe_interval integer
router_solicitation_delay integer
router_solicitation_interval integer
router_solicitation_max_interval integer
router_solicitations integer
seg6_enabled integer
seg6_require_hmac integer
stable_secret string
format=ipv6
suppress_frag_ndisc integer
temp_prefered_lft integer
temp_valid_lft integer
use_oif_addrs_only integer
use_optimistic integer
use_tempaddr integer
iface-sysctl-mpls object

MPLS sysctl settings in /proc/sys/net/mpls/

platform_labels integer

number of entries in the platform label table

min=0max=1048575
ip_ttl_propagate integer

control whether TTL is propagated

min=0max=1
default_ttl integer

default TTL value to use for MPLS packets

min=1max=255
iface-sysctl-mptcp object

Multipath TCP sysctl settings in /proc/sys/net/mptcp/

add_addr_timeout integer

timeout in seconds after which an ADD_ADDR control message will be resent

Default: 120
min=-8589934max=8589934
allow_join_initial_addr_port boolean

allow peers to send join requests to the IP address and port number used by the initial subflow

Default: true
blackhole_timeout integer

initial time period in second to disable MPTCP on active MPTCP sockets when a MPTCP firewall blackhole issue happens

Default: 3600
min=0max=2147483647
checksum_enabled boolean

control whether DSS checksum can be enabled

Default: false
close_timeout integer

set the make-after-break timeout

Default: 60
min=-8589934max=8589934
enabled boolean

control whether MPTCP sockets can be created

Default: true
path_manager string

control whether MPTCP sockets can be created

Default: "kernel"
Values: "kernel" "userspace"
pm_type integer

set the default path manager type to use for each new MPTCP socket

Values: 0 1
scheduler string

select the scheduler of your choice

Default: "default"
stale_loss_cnt integer

number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale

Default: 4
min=0max=4294967295
syn_retrans_before_tcp_fallback integer

number of SYN + MP_CAPABLE retransmissions before falling back to TCP

Default: 2
min=0
iface-ethtool_onoff boolean | string
iface-tc_qid string

qdisc id

iface-tc_protocol string | integer

protocol selector

iface-tc_prio integer

priority

iface-tc_qdisc object

traffic control queueing discipline

handle string required

qdisc id

format=^(root|[0-9a-f]+:[0-9a-f]*)$
tc-cake object

cake - common applications kept enhanced (CAKE)

kind const: "cake" required

qdisk type

Constant: "cake"
handle string

qdisc id

format=^(root|[0-9a-f]+:[0-9a-f]*)$
ack_filter boolean | string

ACKnowledge filter

Values: "aggressive" true false
atm_mode boolean | string

ATM mode

Values: "ptm" true false
autorate boolean

autorate-ingress

diffserv_mode string

diffserv mode

Values: "diffserv3" "diffserv4" "diffserv8" "besteffort" "precedence"
ingress boolean

ingress

overhead integer

overhead

min=-64max=256
flow_mode string

flow mode

Values: "flowblind" "srchost" "dsthost" "hosts" "flows" "dual-srchost" "dual-dsthost" "triple-isolated"
fwmark integer

fwmark

min=0
memlimit integer

memlimit

min=0
mpu integer

MPU

min=0max=256
nat boolean

NAT

raw boolean

RAW

rtt string | integer
split_gso boolean

split GSO

target integer

target

min=1
wash boolean

wash

iface-tc_action object[]

traffic control filter action

xdp_mode