IfState Configuration Schema
No Additional Propertiesglobal configuration settings
No Additional Propertiesoverrides per interface sysctl settings in /proc/sys/net/ipv*/conf/all/
settings in /proc/sys/net/ipv4/*/conf/
settings in /proc/sys/net/ipv6/*/conf/
default per interface sysctl settings in /proc/sys/net/ipv*/conf/default/
settings in /proc/sys/net/ipv4/*/conf/
settings in /proc/sys/net/ipv6/*/conf/
ignore patterns to skip interface, ip address or routing objects
No Additional Propertieslist of ip address prefixes to be ignored
No Additional Itemsip address with prefix length
fe80::/10
interface names matching this list of regex will be ignored
No Additional Itemsregex to match interface name
^docker\d+
^lo$
^ppp\d+$
^veth
filter routes by options
No Additional Itemsfilter rules by options
No Additional Itemsthe type of this rule
the priority of this rule
Value must be greater or equal to 0 and lesser or equal to 4294967295
select the source prefix to match
select the destination prefix to match
select the incoming device to match
select the outgoing device to match
routing protocol number (/etc/iproute2/rt_protos)
select the fwmark value to match
select the ip protocol to match
list of interface settings (link settings and ip addresses)
No Additional Itemsname of the interface
ip addresses of the interface
No Additional Items192.0.2.1
192.168.0.1/24
2001:db8::1/64
link settings of the interface
generic interface
link type
specifies a master device name or index
set device state
Dummy network interface
link type
VLAN interface
link type
set device state
specifies a master device name or index
specifies a parent device name or index
specifies the VLAN identifier to use
Value must be greater or equal to 0 and lesser or equal to 4094
VXLAN interface
link type
set device state
specifies a master device name or index
specifies the VNI
Value must be greater or equal to 0 and lesser or equal to 16777215
interface to use for tunnel endpoint communication
IPIP interface
link type
set device state
specifies a master device name or index
remote IPv4 address of the tunnel
local IPv4 address of the tunnel
SIT interface
link type
set device state
specifies a master device name or index
remote IPv4 address of the tunnel
local IPv4 address of the tunnel
GRE, GRETAP interface
link type
set device state
specifies a master device name or index
remote IPv4 address of the tunnel
local IPv4 address of the tunnel
interface to use for tunnel endpoint communication
IP6GRE, IP6GRETAP interface
link type
set device state
specifies a master device name or index
remote IPv4 address of the tunnel
local IPv4 address of the tunnel
interface to use for tunnel endpoint communication
GENEVE interface
tunnel over IPv4
remote IPv4 address of the tunnel
tunnel over IPv6
remote IPv4 address of the tunnel
link type
set device state
specifies a master device name or index
specifies the VNI to use
Value must be greater or equal to 0 and lesser or equal to 16777215
WireGuard interface; WireGuard settings can be configured using a wireguard block
link type
XFRM interface
link type
set device state
specifies a master device name or index
underlying interface used to send and receive the transformed traffic
lookup key to match xfrm policies
Value must be greater or equal to 0 and lesser or equal to 4294967295
interface sysctl settings in /proc/sys/net/ipv*/conf/{IFACE}/
settings in /proc/sys/net/ipv4/*/conf/
settings in /proc/sys/net/ipv6/*/conf/
network driver and hardware settings via ethtool(8)
pause parameters
No Additional Propertiesenable pause autonegotiation
enable Rx pause
enable Tx pause
interrupt coalescing
No Additional Propertiesrx/tx ring parameters
No Additional Propertiesnumber of ring entries for the Rx ring
number of ring entries for the Rx Mini ring
number of ring entries for the Rx Jumbo ring
number of ring entries for the Tx ring
offload parameters and other features
No Additional Propertiesenable RX checksumming
enable TX checksumming
enable scatter-gather
enable TCP segmentation offload
enable UDP fragmentation offload
enable generic segmentation offload
enable generic receive offload
enable large receive offload
enable RX VLAN acceleration
enable TX VLAN acceleration
enable Rx ntuple filters and actions
enable receive hashing offload
device settings
No Additional Propertiesspeed in Mbps
full or half duplex mode
device port selection
MDI-X mode for port
enable autonegotation
speed and duplex advertised by autonegotation
PHY address
transceiver type
Wake-on-LAN options
Must match regular expression:^[pumbagsfd]+$ SecureOnâ„¢ password
Must match regular expression:^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$ driver message flags
driver message flags by number
driver message flags by name
No Additional Itemsflag name
enable flag
number of channels
No Additional Propertiesnumber of channels with only receive queues
number of channels with only transmit queues
number of channels used only for other purposes
number of multi-purpose channels
Energy-Efficient Ethernet (according to the IEEE 802.3az specifications)
No Additional Propertiesenable EEE support
assert Tx LPI
sets the speed for which EEE should be enabled (see also change.advertise)
amount of idle time prior asserting Tx LPI (in microseconds)
PHY tunable parameters
No Additional Propertiesenable downshift
enable downshift
Must contain a minimum of 3 items
Must contain a maximum of 3 items
enable downshift
REQUIRED
PHY downshift re-tries count
enable Fast Link Down
enable Fast Link Down
Must contain a minimum of 3 items
Must contain a maximum of 3 items
enable Fast Link Down
REQUIRED
period after which the link is reported as down
enable Energy Detect Power Down (EDPD)
enable EDPD
Must contain a minimum of 3 items
Must contain a maximum of 3 items
enable EDPD
REQUIRED
wake-up interval for Tx pulses
private flags
Forward Error Correction
No Additional PropertiesFEC encoding
settings for WireGuard interfaces
No Additional Propertieslocal private key (consider to use the !include tag to read the key from file)
port for listening
Value must be greater or equal to 0 and lesser or equal to 65535
fwmark for outgoing packets
Value must be greater or equal to 0 and lesser or equal to 4294967295
list of peer definitions
No Additional Itemsthe peer's public key
initial endpoint IP or hostname
keepalive interval seconds
Value must be greater or equal to 0 and lesser or equal to 65535
list of prefixes in CIDR notation
No Additional ItemsIf the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.
"to_tbl" the type of this rule
the priority of this rule
Value must be greater or equal to 0 and lesser or equal to 4294967295
select the source prefix to match
select the destination prefix to match
select the incoming device to match
select the outgoing device to match
routing protocol number (/etc/iproute2/rt_protos)
select the fwmark value to match
select the ip protocol to match