ifstate 1.13.7__py3-none-any.whl → 2.0.0rc1__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. hooks/wrapper.sh +50 -0
  2. ifstate/ifstate.py +7 -2
  3. {ifstate-1.13.7.dist-info → ifstate-2.0.0rc1.dist-info}/METADATA +1 -1
  4. ifstate-2.0.0rc1.dist-info/RECORD +38 -0
  5. libifstate/__init__.py +88 -38
  6. libifstate/hook/__init__.py +195 -0
  7. libifstate/link/__init__.py +0 -1
  8. libifstate/link/base.py +23 -31
  9. libifstate/link/physical.py +2 -2
  10. libifstate/link/tun.py +2 -2
  11. libifstate/link/veth.py +2 -2
  12. libifstate/netns/__init__.py +40 -5
  13. libifstate/parser/base.py +107 -84
  14. libifstate/routing/__init__.py +62 -16
  15. libifstate/util.py +146 -147
  16. libifstate/wireguard/__init__.py +16 -16
  17. schema/2/ifstate.conf.schema.json +4398 -0
  18. ifstate-1.13.7.dist-info/RECORD +0 -37
  19. libifstate/link/dsa.py +0 -10
  20. schema/ifstate.conf.schema.json +0 -4259
  21. {ifstate-1.13.7.dist-info → ifstate-2.0.0rc1.dist-info}/WHEEL +0 -0
  22. {ifstate-1.13.7.dist-info → ifstate-2.0.0rc1.dist-info}/entry_points.txt +0 -0
  23. {ifstate-1.13.7.dist-info → ifstate-2.0.0rc1.dist-info}/licenses/LICENSE +0 -0
  24. {ifstate-1.13.7.dist-info → ifstate-2.0.0rc1.dist-info}/top_level.txt +0 -0
schema/2/ifstate.conf.schema.json ADDED
@@ -0,0 +1,4398 @@
1
+ {
2
+ "$id": "https://ifstate.net/schema/ifstate.conf.schema.json",
3
+ "$schema": "http://json-schema.org/draft-07/schema#",
4
+ "title": "ifstate.conf",
5
+ "description": "IfState 2.0 Configuration Schema",
6
+ "type": "object",
7
+ "required": [
8
+ "interfaces"
9
+ ],
10
+ "$defs": {
11
+ "condition-vrrp": {
12
+ "description": "configure depending on vrrp status",
13
+ "type": "object",
14
+ "required": [
15
+ "name",
16
+ "type",
17
+ "states"
18
+ ],
19
+ "additionalProperties": false,
20
+ "properties": {
21
+ "name": {
22
+ "description": "related vrrp INSTANCE or GROUP name",
23
+ "type": "string"
24
+ },
25
+ "type": {
26
+ "description": "failover type",
27
+ "type": "string",
28
+ "enum": [
29
+ "instance",
30
+ "group"
31
+ ]
32
+ },
33
+ "states": {
34
+ "description": "states at which the interface should be configured",
35
+ "type": "array",
36
+ "items": [
37
+ {
38
+ "type": "string",
39
+ "enum": [
40
+ "unknown",
41
+ "fault",
42
+ "backup",
43
+ "master"
44
+ ]
45
+ }
46
+ ]
47
+ }
48
+ }
49
+ },
50
+ "ignore-fdb": {
51
+ "description": "fdb entries matching this list of regex will be ignored",
52
+ "type": "array",
53
+ "items": {
54
+ "description": "regex to match link-local addresses",
55
+ "examples": [
56
+ "^33:33:",
57
+ "^01:00:5e:"
58
+ ],
59
+ "type": "string"
60
+ }
61
+ },
62
+ "ignore-ipaddr": {
63
+ "description": "list of ip address prefixes to be ignored",
64
+ "type": "array",
65
+ "items": {
66
+ "description": "ip address with prefix length",
67
+ "type": "string",
68
+ "examples": [
69
+ "fe80::/10"
70
+ ]
71
+ }
72
+ },
73
+ "ignore-ifname": {
74
+ "description": "interface names matching this list of regex will be ignored",
75
+ "type": "array",
76
+ "items": {
77
+ "description": "regex to match interface name",
78
+ "examples": [
79
+ "^br-[\\da-f]{12}",
80
+ "^docker\\d+",
81
+ "^lo$",
82
+ "^ppp\\d+$",
83
+ "^veth",
84
+ "^virbr\\d+",
85
+ "^vrrp\\d*\\.\\d+$"
86
+ ],
87
+ "type": "string"
88
+ }
89
+ },
90
+ "ignore-routes": {
91
+ "description": "filter routes by options",
92
+ "type": "array",
93
+ "items": {
94
+ "type": "object",
95
+ "additionalProperties": false,
96
+ "properties": {
97
+ "dev": {
98
+ "type": [
99
+ "integer",
100
+ "string"
101
+ ]
102
+ },
103
+ "proto": {
104
+ "type": [
105
+ "integer",
106
+ "string"
107
+ ],
108
+ "default": "boot"
109
+ },
110
+ "realm": {
111
+ "type": [
112
+ "integer",
113
+ "string"
114
+ ]
115
+ },
116
+ "scope": {
117
+ "type": [
118
+ "integer",
119
+ "string"
120
+ ]
121
+ },
122
+ "table": {
123
+ "type": [
124
+ "integer",
125
+ "string"
126
+ ],
127
+ "default": "main"
128
+ },
129
+ "to": {
130
+ "type": "string"
131
+ },
132
+ "via": {
133
+ "type": "string"
134
+ }
135
+ }
136
+ }
137
+ },
138
+ "ignore-rules": {
139
+ "description": "filter rules by options",
140
+ "type": "array",
141
+ "items": {
142
+ "type": "object",
143
+ "additionalProperties": false,
144
+ "properties": {
145
+ "action": {
146
+ "type": [
147
+ "integer",
148
+ "string"
149
+ ],
150
+ "description": "the type of this rule",
151
+ "enum": [
152
+ "to_tbl",
153
+ "blackhole",
154
+ "unreachable",
155
+ "prohibit"
156
+ ],
157
+ "default": "to_tbl"
158
+ },
159
+ "table": {
160
+ "type": [
161
+ "integer",
162
+ "string"
163
+ ],
164
+ "minimum": 0,
165
+ "maximum": 255
166
+ },
167
+ "priority": {
168
+ "type": "integer",
169
+ "description": "the priority of this rule",
170
+ "minimum": 0,
171
+ "maximum": 4294967295
172
+ },
173
+ "from": {
174
+ "type": "string",
175
+ "description": "select the source prefix to match"
176
+ },
177
+ "to": {
178
+ "type": "string",
179
+ "description": "select the destination prefix to match"
180
+ },
181
+ "iif": {
182
+ "type": "string",
183
+ "description": "select the incoming device to match"
184
+ },
185
+ "oif": {
186
+ "type": "string",
187
+ "description": "select the outgoing device to match"
188
+ },
189
+ "proto": {
190
+ "type": [
191
+ "integer",
192
+ "string"
193
+ ],
194
+ "default": "unspec",
195
+ "description": "routing protocol number (`/etc/iproute2/rt_protos`)"
196
+ },
197
+ "fwmark": {
198
+ "type": "integer",
199
+ "description": "select the *fwmark* value to match"
200
+ },
201
+ "ipproto": {
202
+ "type": [
203
+ "integer",
204
+ "string"
205
+ ],
206
+ "description": "select the ip protocol to match"
207
+ }
208
+ }
209
+ }
210
+ },
211
+ "iface-name": {
212
+ "type": "string",
213
+ "pattern": "^[^/ ]{1,15}$"
214
+ },
215
+ "iface-ethtool": {
216
+ "description": "network driver and hardware settings via [ethtool(8)](https://man7.org/linux/man-pages/man8/ethtool.8.html)",
217
+ "type": "object",
218
+ "additionalProperties": false,
219
+ "properties": {
220
+ "pause": {
221
+ "type": "object",
222
+ "additionalProperties": false,
223
+ "description": "pause parameters",
224
+ "properties": {
225
+ "autoneg": {
226
+ "description": "enable pause autonegotiation",
227
+ "$ref": "#/$defs/iface-ethtool_onoff"
228
+ },
229
+ "rx": {
230
+ "description": "enable Rx pause",
231
+ "$ref": "#/$defs/iface-ethtool_onoff"
232
+ },
233
+ "tx": {
234
+ "description": "enable Tx pause",
235
+ "$ref": "#/$defs/iface-ethtool_onoff"
236
+ }
237
+ }
238
+ },
239
+ "coalesce": {
240
+ "type": "object",
241
+ "additionalProperties": false,
242
+ "description": "interrupt coalescing",
243
+ "properties": {
244
+ "adaptive-rx": {
245
+ "$ref": "#/$defs/iface-ethtool_onoff"
246
+ },
247
+ "adaptive-tx": {
248
+ "$ref": "#/$defs/iface-ethtool_onoff"
249
+ },
250
+ "rx-usecs": {
251
+ "type": "integer"
252
+ },
253
+ "rx-frames": {
254
+ "type": "integer"
255
+ },
256
+ "rx-usecs-irq": {
257
+ "type": "integer"
258
+ },
259
+ "rx-frames-irq": {
260
+ "type": "integer"
261
+ },
262
+ "tx-usecs": {
263
+ "type": "integer"
264
+ },
265
+ "tx-frames": {
266
+ "type": "integer"
267
+ },
268
+ "tx-usecs-irq": {
269
+ "type": "integer"
270
+ },
271
+ "tx-frames-irq": {
272
+ "type": "integer"
273
+ },
274
+ "stats-block-usecs": {
275
+ "type": "integer"
276
+ },
277
+ "pkt-rate-low": {
278
+ "type": "integer"
279
+ },
280
+ "rx-usecs-low": {
281
+ "type": "integer"
282
+ },
283
+ "rx-frames-low": {
284
+ "type": "integer"
285
+ },
286
+ "tx-usecs-low": {
287
+ "type": "integer"
288
+ },
289
+ "tx-frames-low": {
290
+ "type": "integer"
291
+ },
292
+ "pkt-rate-high": {
293
+ "type": "integer"
294
+ },
295
+ "rx-usecs-high": {
296
+ "type": "integer"
297
+ },
298
+ "rx-frames-high": {
299
+ "type": "integer"
300
+ },
301
+ "tx-usecs-high": {
302
+ "type": "integer"
303
+ },
304
+ "tx-frames-high": {
305
+ "type": "integer"
306
+ },
307
+ "sample-interval": {
308
+ "type": "integer"
309
+ }
310
+ }
311
+ },
312
+ "ring": {
313
+ "type": "object",
314
+ "additionalProperties": false,
315
+ "description": "rx/tx ring parameters",
316
+ "properties": {
317
+ "rx": {
318
+ "description": "number of ring entries for the Rx ring",
319
+ "type": "integer"
320
+ },
321
+ "rx-mmini": {
322
+ "description": "number of ring entries for the Rx Mini ring",
323
+ "type": "integer"
324
+ },
325
+ "rx-jumbo": {
326
+ "description": "number of ring entries for the Rx Jumbo ring",
327
+ "type": "integer"
328
+ },
329
+ "tx": {
330
+ "description": "number of ring entries for the Tx ring",
331
+ "type": "integer"
332
+ }
333
+ }
334
+ },
335
+ "features": {
336
+ "type": "object",
337
+ "additionalProperties": false,
338
+ "description": "offload parameters and other features",
339
+ "properties": {
340
+ "rx": {
341
+ "description": "enable RX checksumming",
342
+ "$ref": "#/$defs/iface-ethtool_onoff"
343
+ },
344
+ "tx": {
345
+ "description": "enable TX checksumming",
346
+ "$ref": "#/$defs/iface-ethtool_onoff"
347
+ },
348
+ "sg": {
349
+ "description": "enable scatter-gather",
350
+ "$ref": "#/$defs/iface-ethtool_onoff"
351
+ },
352
+ "tso": {
353
+ "description": "enable TCP segmentation offload",
354
+ "$ref": "#/$defs/iface-ethtool_onoff"
355
+ },
356
+ "ufo": {
357
+ "description": "enable UDP fragmentation offload",
358
+ "$ref": "#/$defs/iface-ethtool_onoff"
359
+ },
360
+ "gso": {
361
+ "description": "enable generic segmentation offload",
362
+ "$ref": "#/$defs/iface-ethtool_onoff"
363
+ },
364
+ "gro": {
365
+ "description": "enable generic receive offload",
366
+ "$ref": "#/$defs/iface-ethtool_onoff"
367
+ },
368
+ "lro": {
369
+ "description": "enable large receive offload",
370
+ "$ref": "#/$defs/iface-ethtool_onoff"
371
+ },
372
+ "rxvlan": {
373
+ "description": "enable RX VLAN acceleration",
374
+ "$ref": "#/$defs/iface-ethtool_onoff"
375
+ },
376
+ "txvlan": {
377
+ "description": "enable TX VLAN acceleration",
378
+ "$ref": "#/$defs/iface-ethtool_onoff"
379
+ },
380
+ "ntuple": {
381
+ "description": "enable Rx ntuple filters and actions",
382
+ "$ref": "#/$defs/iface-ethtool_onoff"
383
+ },
384
+ "rxhash": {
385
+ "description": "enable receive hashing offload",
386
+ "$ref": "#/$defs/iface-ethtool_onoff"
387
+ }
388
+ }
389
+ },
390
+ "change": {
391
+ "type": "object",
392
+ "additionalProperties": false,
393
+ "description": "device settings",
394
+ "properties": {
395
+ "speed": {
396
+ "description": "speed in Mbps",
397
+ "type": "integer"
398
+ },
399
+ "duplex": {
400
+ "description": "full or half duplex mode",
401
+ "type": "string",
402
+ "enum": [
403
+ "half",
404
+ "full"
405
+ ]
406
+ },
407
+ "port": {
408
+ "description": "device port selection",
409
+ "type": "string",
410
+ "enum": [
411
+ "tp",
412
+ "aui",
413
+ "bnc",
414
+ "mii"
415
+ ]
416
+ },
417
+ "mdix": {
418
+ "description": "MDI-X mode for port",
419
+ "type": [
420
+ "boolean",
421
+ "string"
422
+ ],
423
+ "enum": [
424
+ "auto",
425
+ "on",
426
+ "off",
427
+ true,
428
+ false
429
+ ]
430
+ },
431
+ "autoneg": {
432
+ "description": "enable autonegotation",
433
+ "$ref": "#/$defs/iface-ethtool_onoff"
434
+ },
435
+ "advertise": {
436
+ "description": "speed and duplex advertised by autonegotation",
437
+ "type": "integer"
438
+ },
439
+ "phyad": {
440
+ "description": "PHY address",
441
+ "type": "integer"
442
+ },
443
+ "xcvr": {
444
+ "description": "transceiver type",
445
+ "type": "string",
446
+ "enum": [
447
+ "internal",
448
+ "external"
449
+ ]
450
+ },
451
+ "wol": {
452
+ "description": "Wake-on-LAN options",
453
+ "type": "string",
454
+ "pattern": "^[pumbagsfd]+$"
455
+ },
456
+ "sopass": {
457
+ "description": "SecureOn™ password",
458
+ "type": "string",
459
+ "pattern": "^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$"
460
+ },
461
+ "msglvl": {
462
+ "description": "driver message flags",
463
+ "oneOf": [
464
+ {
465
+ "description": "driver message flags by number",
466
+ "type": "integer"
467
+ },
468
+ {
469
+ "description": "driver message flags by name",
470
+ "type": "array",
471
+ "items": [
472
+ {
473
+ "description": "flag name",
474
+ "type": "string",
475
+ "enum": [
476
+ "drv",
477
+ "probe",
478
+ "link",
479
+ "timer",
480
+ "ifdown",
481
+ "ifup",
482
+ "rx_err",
483
+ "tx_err",
484
+ "tx_queued",
485
+ "intr",
486
+ "tx_done",
487
+ "rx_status",
488
+ "pktdata",
489
+ "hw",
490
+ "wol"
491
+ ]
492
+ },
493
+ {
494
+ "description": "enable flag",
495
+ "$ref": "#/$defs/iface-ethtool_onoff"
496
+ }
497
+ ]
498
+ }
499
+ ]
500
+ }
501
+ }
502
+ },
503
+ "channels": {
504
+ "type": "object",
505
+ "additionalProperties": false,
506
+ "description": "number of channels",
507
+ "properties": {
508
+ "rx": {
509
+ "description": "number of channels with only receive queues",
510
+ "type": "integer"
511
+ },
512
+ "tx": {
513
+ "description": "number of channels with only transmit queues",
514
+ "type": "integer"
515
+ },
516
+ "other": {
517
+ "description": "number of channels used only for other purposes",
518
+ "type": "integer"
519
+ },
520
+ "combined": {
521
+ "description": "number of multi-purpose channels",
522
+ "type": "integer"
523
+ }
524
+ }
525
+ },
526
+ "eee": {
527
+ "type": "object",
528
+ "additionalProperties": false,
529
+ "description": "Energy-Efficient Ethernet (according to the IEEE 802.3az specifications)",
530
+ "properties": {
531
+ "eee": {
532
+ "description": "enable EEE support",
533
+ "$ref": "#/$defs/iface-ethtool_onoff"
534
+ },
535
+ "tx-lpi": {
536
+ "description": "assert Tx LPI",
537
+ "$ref": "#/$defs/iface-ethtool_onoff"
538
+ },
539
+ "advertise": {
540
+ "description": "sets the speed for which EEE should be enabled (see also `change.advertise`)",
541
+ "type": "integer"
542
+ },
543
+ "tx-timer": {
544
+ "description": "amount of idle time prior asserting Tx LPI (in microseconds)",
545
+ "type": "integer"
546
+ }
547
+ }
548
+ },
549
+ "phy-tunable": {
550
+ "type": "object",
551
+ "additionalProperties": false,
552
+ "description": "PHY tunable parameters",
553
+ "properties": {
554
+ "downshift": {
555
+ "description": "enable downshift",
556
+ "oneOf": [
557
+ {
558
+ "description": "enable downshift",
559
+ "$ref": "#/$defs/iface-ethtool_onoff"
560
+ },
561
+ {
562
+ "type": "array",
563
+ "minItems": 3,
564
+ "maxItems": 3,
565
+ "items": [
566
+ {
567
+ "description": "enable downshift",
568
+ "$ref": "#/$defs/iface-ethtool_onoff"
569
+ },
570
+ {
571
+ "description": "*REQUIRED*",
572
+ "type": "string",
573
+ "enum": [
574
+ "count"
575
+ ]
576
+ },
577
+ {
578
+ "description": "PHY downshift re-tries count",
579
+ "type": "integer"
580
+ }
581
+ ]
582
+ }
583
+ ]
584
+ },
585
+ "fast-link-down": {
586
+ "description": "enable Fast Link Down",
587
+ "oneOf": [
588
+ {
589
+ "description": "enable Fast Link Down",
590
+ "$ref": "#/$defs/iface-ethtool_onoff"
591
+ },
592
+ {
593
+ "type": "array",
594
+ "minItems": 3,
595
+ "maxItems": 3,
596
+ "items": [
597
+ {
598
+ "description": "enable Fast Link Down",
599
+ "$ref": "#/$defs/iface-ethtool_onoff"
600
+ },
601
+ {
602
+ "description": "*REQUIRED*",
603
+ "type": "string",
604
+ "enum": [
605
+ "msec"
606
+ ]
607
+ },
608
+ {
609
+ "description": "period after which the link is reported as down",
610
+ "type": "integer"
611
+ }
612
+ ]
613
+ }
614
+ ]
615
+ },
616
+ "energy-detect-power-down": {
617
+ "description": "enable Energy Detect Power Down (EDPD)",
618
+ "oneOf": [
619
+ {
620
+ "description": "enable EDPD",
621
+ "$ref": "#/$defs/iface-ethtool_onoff"
622
+ },
623
+ {
624
+ "type": "array",
625
+ "minItems": 3,
626
+ "maxItems": 3,
627
+ "items": [
628
+ {
629
+ "description": "enable EDPD",
630
+ "$ref": "#/$defs/iface-ethtool_onoff"
631
+ },
632
+ {
633
+ "description": "*REQUIRED*",
634
+ "type": "string",
635
+ "enum": [
636
+ "msec"
637
+ ]
638
+ },
639
+ {
640
+ "description": "wake-up interval for Tx pulses",
641
+ "type": "integer"
642
+ }
643
+ ]
644
+ }
645
+ ]
646
+ }
647
+ }
648
+ },
649
+ "priv-flags": {
650
+ "type": "object",
651
+ "description": "private flags"
652
+ },
653
+ "fec": {
654
+ "type": "object",
655
+ "additionalProperties": false,
656
+ "description": "Forward Error Correction",
657
+ "properties": {
658
+ "encoding": {
659
+ "description": "FEC encoding",
660
+ "type": [
661
+ "string",
662
+ "array"
663
+ ],
664
+ "enum": [
665
+ "auto",
666
+ "off",
667
+ "RS",
668
+ "BaseR",
669
+ "LLRS"
670
+ ],
671
+ "items": {
672
+ "type": "string",
673
+ "enum": [
674
+ "auto",
675
+ "RS",
676
+ "BaseR",
677
+ "LLRS"
678
+ ]
679
+ }
680
+ }
681
+ }
682
+ }
683
+ }
684
+ },
685
+ "iface-link_address": {
686
+ "type": "string",
687
+ "description": "link mac address (xx:xx:xx:xx:xx:xx)",
688
+ "pattern": "^([a-fA-F0-9]{2}([:-]?)([a-fA-F0-9]{2}\\2){4}[a-fA-F0-9]{2}|[a-fA-F0-9]{4}\\.[a-fA-F0-9]{4}\\.[a-fA-F0-9]{4})$"
689
+ },
690
+ "iface-link_bind-netns": {
691
+ "type": [
692
+ "string",
693
+ "null"
694
+ ],
695
+ "description": "specifies the netns name or null where the tunnel or underlay should be bind, if not set the binding will happen in the netns namespace of the link"
696
+ },
697
+ "iface-link_group": {
698
+ "type": [
699
+ "integer",
700
+ "string"
701
+ ],
702
+ "description": "specifies a device group name or index"
703
+ },
704
+ "iface-link_link": {
705
+ "type": [
706
+ "integer",
707
+ "string"
708
+ ],
709
+ "description": "specifies the base link name or index"
710
+ },
711
+ "iface-link_link-netns": {
712
+ "type": [
713
+ "string",
714
+ "null"
715
+ ],
716
+ "description": "specifies the base link's netns name or null if the link isn't in a netns namespace"
717
+ },
718
+ "iface-link_master": {
719
+ "type": [
720
+ "integer",
721
+ "string",
722
+ "null"
723
+ ],
724
+ "description": "specifies a master device name or index, use *null* to remove the master"
725
+ },
726
+ "iface-link_master-netns": {
727
+ "type": [
728
+ "string",
729
+ "null"
730
+ ],
731
+ "description": "specifies the master's netns name or null if the master isn't in a netns namespace"
732
+ },
733
+ "iface-link_mtu": {
734
+ "type": "integer",
735
+ "description": "change the mtu of the device",
736
+ "minimum": 68,
737
+ "maximum": 65536
738
+ },
739
+ "iface-link_state": {
740
+ "type": "string",
741
+ "description": "set device state",
742
+ "enum": [
743
+ "up",
744
+ "down"
745
+ ]
746
+ },
747
+ "iface-link_txqlen": {
748
+ "type": "integer",
749
+ "description": "the transmit queue length of the device"
750
+ },
751
+ "iface-link_ifalias": {
752
+ "type": [
753
+ "null",
754
+ "string"
755
+ ],
756
+ "description": "symbolic name for easy reference"
757
+ },
758
+ "iface-link_tun-remote4": {
759
+ "type": "string",
760
+ "description": "remote IPv4 address of the tunnel",
761
+ "format": "ipv4"
762
+ },
763
+ "iface-link_tun-local4": {
764
+ "type": "string",
765
+ "description": "local IPv4 address of the tunnel",
766
+ "format": "ipv4"
767
+ },
768
+ "iface-link_tun-remote6": {
769
+ "type": "string",
770
+ "description": "remote IPv4 address of the tunnel",
771
+ "format": "ipv6"
772
+ },
773
+ "iface-link_tun-local6": {
774
+ "type": "string",
775
+ "description": "local IPv4 address of the tunnel",
776
+ "format": "ipv6"
777
+ },
778
+ "iface-link_tun-dev": {
779
+ "$ref": "#/$defs/iface-link_link",
780
+ "description": "interface to use for tunnel endpoint communication"
781
+ },
782
+ "iface-sysctl-ipv4": {
783
+ "type": "object",
784
+ "description": "settings in `/proc/sys/net/ipv4/<interface>/conf/`",
785
+ "properties": {
786
+ "accept_local": {
787
+ "type": "integer"
788
+ },
789
+ "accept_redirects": {
790
+ "type": "integer"
791
+ },
792
+ "accept_source_route": {
793
+ "type": "integer"
794
+ },
795
+ "arp_accept": {
796
+ "type": "integer"
797
+ },
798
+ "arp_announce": {
799
+ "type": "integer"
800
+ },
801
+ "arp_filter": {
802
+ "type": "integer"
803
+ },
804
+ "arp_ignore": {
805
+ "type": "integer"
806
+ },
807
+ "arp_notify": {
808
+ "type": "integer"
809
+ },
810
+ "bc_forwarding": {
811
+ "type": "integer"
812
+ },
813
+ "bootp_relay": {
814
+ "type": "integer"
815
+ },
816
+ "disable_policy": {
817
+ "type": "integer"
818
+ },
819
+ "disable_xfrm": {
820
+ "type": "integer"
821
+ },
822
+ "drop_gratuitous_arp": {
823
+ "type": "integer"
824
+ },
825
+ "drop_unicast_in_l2_multicast": {
826
+ "type": "integer"
827
+ },
828
+ "force_igmp_version": {
829
+ "type": "integer"
830
+ },
831
+ "forwarding": {
832
+ "type": "integer"
833
+ },
834
+ "igmpv2_unsolicited_report_interval": {
835
+ "type": "integer"
836
+ },
837
+ "igmpv3_unsolicited_report_interval": {
838
+ "type": "integer"
839
+ },
840
+ "ignore_routes_with_linkdown": {
841
+ "type": "integer"
842
+ },
843
+ "log_martians": {
844
+ "type": "integer"
845
+ },
846
+ "mc_forwarding": {
847
+ "type": "integer"
848
+ },
849
+ "medium_id": {
850
+ "type": "integer"
851
+ },
852
+ "promote_secondaries": {
853
+ "type": "integer"
854
+ },
855
+ "proxy_arp": {
856
+ "type": "integer"
857
+ },
858
+ "proxy_arp_pvlan": {
859
+ "type": "integer"
860
+ },
861
+ "route_localnet": {
862
+ "type": "integer"
863
+ },
864
+ "rp_filter": {
865
+ "type": "integer"
866
+ },
867
+ "secure_redirects": {
868
+ "type": "integer"
869
+ },
870
+ "send_redirects": {
871
+ "type": "integer"
872
+ },
873
+ "shared_media": {
874
+ "type": "integer"
875
+ },
876
+ "src_valid_mark": {
877
+ "type": "integer"
878
+ },
879
+ "tag": {
880
+ "type": "integer"
881
+ }
882
+ }
883
+ },
884
+ "iface-sysctl-ipv6": {
885
+ "type": "object",
886
+ "description": "settings in `/proc/sys/net/ipv6/<interface>/conf/`",
887
+ "additionalProperties": false,
888
+ "properties": {
889
+ "accept_dad": {
890
+ "type": "integer"
891
+ },
892
+ "accept_ra": {
893
+ "type": "integer"
894
+ },
895
+ "accept_ra_defrtr": {
896
+ "type": "integer"
897
+ },
898
+ "accept_ra_from_local": {
899
+ "type": "integer"
900
+ },
901
+ "accept_ra_min_hop_limit": {
902
+ "type": "integer"
903
+ },
904
+ "accept_ra_mtu": {
905
+ "type": "integer"
906
+ },
907
+ "accept_ra_pinfo": {
908
+ "type": "integer"
909
+ },
910
+ "accept_ra_rt_info_max_plen": {
911
+ "type": "integer"
912
+ },
913
+ "accept_ra_rt_info_min_plen": {
914
+ "type": "integer"
915
+ },
916
+ "accept_ra_rtr_pref": {
917
+ "type": "integer"
918
+ },
919
+ "accept_redirects": {
920
+ "type": "integer"
921
+ },
922
+ "accept_source_route": {
923
+ "type": "integer"
924
+ },
925
+ "addr_gen_mode": {
926
+ "type": "integer"
927
+ },
928
+ "autoconf": {
929
+ "type": "integer"
930
+ },
931
+ "dad_transmits": {
932
+ "type": "integer"
933
+ },
934
+ "disable_ipv6": {
935
+ "type": "integer"
936
+ },
937
+ "disable_policy": {
938
+ "type": "integer"
939
+ },
940
+ "drop_unicast_in_l2_multicast": {
941
+ "type": "integer"
942
+ },
943
+ "drop_unsolicited_na": {
944
+ "type": "integer"
945
+ },
946
+ "enhanced_dad": {
947
+ "type": "integer"
948
+ },
949
+ "force_mld_version": {
950
+ "type": "integer"
951
+ },
952
+ "force_tllao": {
953
+ "type": "integer"
954
+ },
955
+ "forwarding": {
956
+ "type": "integer"
957
+ },
958
+ "hop_limit": {
959
+ "type": "integer"
960
+ },
961
+ "ignore_routes_with_linkdown": {
962
+ "type": "integer"
963
+ },
964
+ "keep_addr_on_down": {
965
+ "type": "integer"
966
+ },
967
+ "max_addresses": {
968
+ "type": "integer"
969
+ },
970
+ "max_desync_factor": {
971
+ "type": "integer"
972
+ },
973
+ "mc_forwarding": {
974
+ "type": "integer"
975
+ },
976
+ "mldv1_unsolicited_report_interval": {
977
+ "type": "integer"
978
+ },
979
+ "mldv2_unsolicited_report_interval": {
980
+ "type": "integer"
981
+ },
982
+ "mtu": {
983
+ "type": "integer"
984
+ },
985
+ "ndisc_notify": {
986
+ "type": "integer"
987
+ },
988
+ "ndisc_tclass": {
989
+ "type": "integer"
990
+ },
991
+ "optimistic_dad": {
992
+ "type": "integer"
993
+ },
994
+ "proxy_ndp": {
995
+ "type": "integer"
996
+ },
997
+ "regen_max_retry": {
998
+ "type": "integer"
999
+ },
1000
+ "router_probe_interval": {
1001
+ "type": "integer"
1002
+ },
1003
+ "router_solicitation_delay": {
1004
+ "type": "integer"
1005
+ },
1006
+ "router_solicitation_interval": {
1007
+ "type": "integer"
1008
+ },
1009
+ "router_solicitation_max_interval": {
1010
+ "type": "integer"
1011
+ },
1012
+ "router_solicitations": {
1013
+ "type": "integer"
1014
+ },
1015
+ "seg6_enabled": {
1016
+ "type": "integer"
1017
+ },
1018
+ "seg6_require_hmac": {
1019
+ "type": "integer"
1020
+ },
1021
+ "stable_secret": {
1022
+ "type": "string",
1023
+ "format": "ipv6"
1024
+ },
1025
+ "suppress_frag_ndisc": {
1026
+ "type": "integer"
1027
+ },
1028
+ "temp_prefered_lft": {
1029
+ "type": "integer"
1030
+ },
1031
+ "temp_valid_lft": {
1032
+ "type": "integer"
1033
+ },
1034
+ "use_oif_addrs_only": {
1035
+ "type": "integer"
1036
+ },
1037
+ "use_optimistic": {
1038
+ "type": "integer"
1039
+ },
1040
+ "use_tempaddr": {
1041
+ "type": "integer"
1042
+ }
1043
+ }
1044
+ },
1045
+ "iface-sysctl-mpls": {
1046
+ "description": "MPLS [sysctl settings](https://www.kernel.org/doc/Documentation/networking/mpls-sysctl.txt) in `/proc/sys/net/mpls/`",
1047
+ "type": "object",
1048
+ "additionalProperties": false,
1049
+ "properties": {
1050
+ "platform_labels": {
1051
+ "type": "integer",
1052
+ "description": "number of entries in the platform label table",
1053
+ "minimum": 0,
1054
+ "maximum": 1048575
1055
+ },
1056
+ "ip_ttl_propagate": {
1057
+ "type": "integer",
1058
+ "description": "control whether TTL is propagated",
1059
+ "minimum": 0,
1060
+ "maximum": 1
1061
+ },
1062
+ "default_ttl": {
1063
+ "type": "integer",
1064
+ "description": "default TTL value to use for MPLS packets",
1065
+ "minimum": 1,
1066
+ "maximum": 255
1067
+ }
1068
+ }
1069
+ },
1070
+ "iface-sysctl-mpls-link": {
1071
+ "description": "MPLS [interface sysctl settings](https://www.kernel.org/doc/Documentation/networking/mpls-sysctl.txt) in `/proc/sys/net/mpls/<interface>/`",
1072
+ "type": "object",
1073
+ "additionalProperties": false,
1074
+ "properties": {
1075
+ "input": {
1076
+ "type": "integer",
1077
+ "description": "control whether packets can be input on this interface",
1078
+ "minimum": 0,
1079
+ "maximum": 1
1080
+ }
1081
+ }
1082
+ },
1083
+ "iface-sysctl-mptcp": {
1084
+ "description": "Multipath TCP [sysctl settings](https://www.kernel.org/doc/Documentation/networking/mptcp-sysctl.rst) in `/proc/sys/net/mptcp/`",
1085
+ "type": "object",
1086
+ "additionalProperties": false,
1087
+ "properties": {
1088
+ "add_addr_timeout": {
1089
+ "type": "integer",
1090
+ "default": 120,
1091
+ "description": "timeout in seconds after which an ADD_ADDR control message will be resent",
1092
+ "minimum": -8589934,
1093
+ "maximum": 8589934
1094
+ },
1095
+ "allow_join_initial_addr_port": {
1096
+ "type": "boolean",
1097
+ "default": true,
1098
+ "description": "allow peers to send join requests to the IP address and port number used by the initial subflow"
1099
+ },
1100
+ "blackhole_timeout": {
1101
+ "type": "integer",
1102
+ "default": 3600,
1103
+ "description": "initial time period in second to disable MPTCP on active MPTCP sockets when a MPTCP firewall blackhole issue happens",
1104
+ "minimum": 0,
1105
+ "maximum": 2147483647
1106
+ },
1107
+ "checksum_enabled": {
1108
+ "type": "boolean",
1109
+ "default": false,
1110
+ "description": "control whether DSS checksum can be enabled"
1111
+ },
1112
+ "close_timeout": {
1113
+ "type": "integer",
1114
+ "default": 60,
1115
+ "description": "set the make-after-break timeout",
1116
+ "minimum": -8589934,
1117
+ "maximum": 8589934
1118
+ },
1119
+ "enabled": {
1120
+ "type": "boolean",
1121
+ "default": true,
1122
+ "description": "control whether MPTCP sockets can be created"
1123
+ },
1124
+ "path_manager": {
1125
+ "type": "string",
1126
+ "default": "kernel",
1127
+ "description": "control whether MPTCP sockets can be created",
1128
+ "enum": [
1129
+ "kernel",
1130
+ "userspace"
1131
+ ]
1132
+ },
1133
+ "pm_type": {
1134
+ "type": "integer",
1135
+ "description": "set the default path manager type to use for each new MPTCP socket",
1136
+ "enum": [
1137
+ 0,
1138
+ 1
1139
+ ],
1140
+ "deprecated": true
1141
+ },
1142
+ "scheduler": {
1143
+ "type": "string",
1144
+ "default": "default",
1145
+ "description": "select the scheduler of your choice"
1146
+ },
1147
+ "stale_loss_cnt": {
1148
+ "type": "integer",
1149
+ "default": 4,
1150
+ "description": "number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale",
1151
+ "minimum": 0,
1152
+ "maximum": 4294967295
1153
+ },
1154
+ "syn_retrans_before_tcp_fallback": {
1155
+ "type": "integer",
1156
+ "default": 2,
1157
+ "description": "number of SYN + MP_CAPABLE retransmissions before falling back to TCP",
1158
+ "minimum": 0
1159
+ }
1160
+ }
1161
+ },
1162
+ "iface-ethtool_onoff": {
1163
+ "type": [
1164
+ "boolean",
1165
+ "string"
1166
+ ],
1167
+ "enum": [
1168
+ "on",
1169
+ "off",
1170
+ true,
1171
+ false
1172
+ ]
1173
+ },
1174
+ "iface-tc_qid": {
1175
+ "type": "string",
1176
+ "description": "qdisc id",
1177
+ "format": "^(root|[0-9a-f]+:[0-9a-f]*)$"
1178
+ },
1179
+ "iface-tc_protocol": {
1180
+ "type": [
1181
+ "string",
1182
+ "integer"
1183
+ ],
1184
+ "description": "protocol selector",
1185
+ "minLength": 2,
1186
+ "minimum": 0,
1187
+ "maximum": 255,
1188
+ "default": 3
1189
+ },
1190
+ "iface-tc_prio": {
1191
+ "type": "integer",
1192
+ "description": "priority",
1193
+ "minimum": 0,
1194
+ "maximum": 65535
1195
+ },
1196
+ "iface-tc_qdisc": {
1197
+ "description": "traffic control queueing discipline",
1198
+ "type": "object",
1199
+ "required": [
1200
+ "handle"
1201
+ ],
1202
+ "properties": {
1203
+ "handle": {
1204
+ "description": "unique id",
1205
+ "$ref": "#/$defs/iface-tc_qid"
1206
+ }
1207
+ },
1208
+ "oneOf": [
1209
+ {
1210
+ "description": "generic classless qdisc",
1211
+ "required": [
1212
+ "kind"
1213
+ ],
1214
+ "properties": {
1215
+ "kind": {
1216
+ "type": "string",
1217
+ "description": "qdisk type",
1218
+ "enum": [
1219
+ "gred",
1220
+ "hhf",
1221
+ "mqprio",
1222
+ "multiq",
1223
+ "netem",
1224
+ "pfifo_fast",
1225
+ "pie",
1226
+ "red",
1227
+ "sfb",
1228
+ "sfq",
1229
+ "tbf"
1230
+ ]
1231
+ }
1232
+ }
1233
+ },
1234
+ {
1235
+ "$ref": "#/$defs/tc-cake"
1236
+ },
1237
+ {
1238
+ "description": "[choke](https://man7.org/linux/man-pages/man8/tc-choke.8.html) - choose and keep scheduler",
1239
+ "required": [
1240
+ "kind",
1241
+ "limit",
1242
+ "min",
1243
+ "max",
1244
+ "avpkt",
1245
+ "burst",
1246
+ "probability"
1247
+ ],
1248
+ "properties": {
1249
+ "kind": {
1250
+ "const": "choke",
1251
+ "description": "qdisk type"
1252
+ }
1253
+ }
1254
+ },
1255
+ {
1256
+ "description": "[CoDel](https://man7.org/linux/man-pages/man8/tc-codel.8.html) - Controlled-Delay Active Queue Management algorithm",
1257
+ "required": [
1258
+ "kind"
1259
+ ],
1260
+ "properties": {
1261
+ "kind": {
1262
+ "const": "codel",
1263
+ "description": "qdisk type"
1264
+ }
1265
+ }
1266
+ },
1267
+ {
1268
+ "description": "[bfifo](https://man7.org/linux/man-pages/man8/tc-bfifo.8.html) - Byte limited First In, First Out queue; [pfifo](https://man7.org/linux/man-pages/man8/tc-pfifo.8.html) - Packet limited First In, First Out queue",
1269
+ "required": [
1270
+ "kind"
1271
+ ],
1272
+ "additionalProperties": false,
1273
+ "properties": {
1274
+ "kind": {
1275
+ "type": "string",
1276
+ "description": "qdisk type",
1277
+ "enum": [
1278
+ "bfifo",
1279
+ "pfifo"
1280
+ ]
1281
+ },
1282
+ "limit": {
1283
+ "type": "number",
1284
+ "description": "queue size in bytes or packets"
1285
+ }
1286
+ }
1287
+ },
1288
+ {
1289
+ "description": "[fq](https://man7.org/linux/man-pages/man8/tc-fq.8.html) - Fair Queue traffic policing",
1290
+ "required": [
1291
+ "kind"
1292
+ ],
1293
+ "properties": {
1294
+ "kind": {
1295
+ "const": "fq",
1296
+ "description": "qdisk type"
1297
+ },
1298
+ "limit": {
1299
+ "type": "number",
1300
+ "description": "hard limit on the real queue size (number of packets)"
1301
+ },
1302
+ "flow_limit": {
1303
+ "type": "number",
1304
+ "description": "hard limit on the max number of packets per flow"
1305
+ }
1306
+ }
1307
+ },
1308
+ {
1309
+ "description": "[fq_codel](https://man7.org/linux/man-pages/man8/tc-fq_codel.8.html) - Fair Queuing (FQ) with Controlled Delay (CoDel)",
1310
+ "required": [
1311
+ "kind"
1312
+ ],
1313
+ "properties": {
1314
+ "kind": {
1315
+ "const": "fq_codel",
1316
+ "description": "qdisk type"
1317
+ },
1318
+ "limit": {
1319
+ "type": "number",
1320
+ "description": "hard limit on the real queue size (number of packets)"
1321
+ },
1322
+ "flows": {
1323
+ "type": "number",
1324
+ "description": "number of flows"
1325
+ }
1326
+ }
1327
+ },
1328
+ {
1329
+ "description": "generic classful qdisc",
1330
+ "required": [
1331
+ "kind"
1332
+ ],
1333
+ "properties": {
1334
+ "kind": {
1335
+ "type": "string",
1336
+ "description": "qdisk type",
1337
+ "enum": [
1338
+ "atm",
1339
+ "cbq",
1340
+ "drr",
1341
+ "dsmark",
1342
+ "hfsc",
1343
+ "htb",
1344
+ "prio",
1345
+ "qfq"
1346
+ ]
1347
+ }
1348
+ }
1349
+ },
1350
+ {
1351
+ "description": "classful multiqueue dummy scheduler",
1352
+ "required": [
1353
+ "kind",
1354
+ "children"
1355
+ ],
1356
+ "properties": {
1357
+ "kind": {
1358
+ "const": "mq",
1359
+ "description": "qdisk type"
1360
+ },
1361
+ "children": {
1362
+ "description": "list child qdiscs for each device TX queue",
1363
+ "type": "array",
1364
+ "items": {
1365
+ "description": "child qdiscs for the nth device TX queue",
1366
+ "$ref": "#/$defs/iface-tc_qdisc"
1367
+ }
1368
+ }
1369
+ }
1370
+ }
1371
+ ]
1372
+ },
1373
+ "tc-cake": {
1374
+ "description": "[cake](https://man7.org/linux/man-pages/man8/tc-cake.8.html) - common applications kept enhanced (CAKE)",
1375
+ "required": [
1376
+ "kind"
1377
+ ],
1378
+ "properties": {
1379
+ "kind": {
1380
+ "const": "cake",
1381
+ "description": "qdisk type"
1382
+ },
1383
+ "handle": {
1384
+ "description": "unique id",
1385
+ "$ref": "#/$defs/iface-tc_qid"
1386
+ },
1387
+ "ack_filter": {
1388
+ "description": "ACKnowledge filter",
1389
+ "type": [
1390
+ "boolean",
1391
+ "string"
1392
+ ],
1393
+ "enum": [
1394
+ "aggressive",
1395
+ true,
1396
+ false
1397
+ ]
1398
+ },
1399
+ "atm_mode": {
1400
+ "description": "ATM mode",
1401
+ "type": [
1402
+ "boolean",
1403
+ "string"
1404
+ ],
1405
+ "enum": [
1406
+ "ptm",
1407
+ true,
1408
+ false
1409
+ ]
1410
+ },
1411
+ "autorate": {
1412
+ "type": "boolean",
1413
+ "description": "autorate-ingress"
1414
+ },
1415
+ "diffserv_mode": {
1416
+ "type": "string",
1417
+ "description": "diffserv mode",
1418
+ "enum": [
1419
+ "diffserv3",
1420
+ "diffserv4",
1421
+ "diffserv8",
1422
+ "besteffort",
1423
+ "precedence"
1424
+ ]
1425
+ },
1426
+ "ingress": {
1427
+ "description": "ingress",
1428
+ "type": "boolean"
1429
+ },
1430
+ "overhead": {
1431
+ "description": "overhead",
1432
+ "type": "integer",
1433
+ "minimum": -64,
1434
+ "maximum": 256
1435
+ },
1436
+ "flow_mode": {
1437
+ "description": "flow mode",
1438
+ "type": "string",
1439
+ "enum": [
1440
+ "flowblind",
1441
+ "srchost",
1442
+ "dsthost",
1443
+ "hosts",
1444
+ "flows",
1445
+ "dual-srchost",
1446
+ "dual-dsthost",
1447
+ "triple-isolated"
1448
+ ]
1449
+ },
1450
+ "fwmark": {
1451
+ "description": "fwmark",
1452
+ "type": "integer",
1453
+ "minimum": 0
1454
+ },
1455
+ "memlimit": {
1456
+ "description": "memlimit",
1457
+ "type": "integer",
1458
+ "minimum": 0
1459
+ },
1460
+ "mpu": {
1461
+ "description": "MPU",
1462
+ "type": "integer",
1463
+ "minimum": 0,
1464
+ "maximum": 256
1465
+ },
1466
+ "nat": {
1467
+ "description": "NAT",
1468
+ "type": "boolean"
1469
+ },
1470
+ "raw": {
1471
+ "description": "RAW",
1472
+ "type": "boolean"
1473
+ },
1474
+ "rtt": {
1475
+ "oneOf": [
1476
+ {
1477
+ "type": "string",
1478
+ "description": "well-known RTT",
1479
+ "enum": [
1480
+ "datacentre",
1481
+ "lan",
1482
+ "metro",
1483
+ "regional",
1484
+ "internet",
1485
+ "oceanic",
1486
+ "satellite",
1487
+ "interplanetary"
1488
+ ]
1489
+ },
1490
+ {
1491
+ "type": "integer",
1492
+ "description": "manually specify an RTT (us)",
1493
+ "minimum": 1
1494
+ }
1495
+ ]
1496
+ },
1497
+ "split_gso": {
1498
+ "description": "split GSO",
1499
+ "type": "boolean"
1500
+ },
1501
+ "target": {
1502
+ "type": "integer",
1503
+ "description": "target",
1504
+ "minimum": 1
1505
+ },
1506
+ "wash": {
1507
+ "description": "wash",
1508
+ "type": "boolean"
1509
+ }
1510
+ }
1511
+ },
1512
+ "iface-tc_action": {
1513
+ "description": "traffic control filter action",
1514
+ "type": "array",
1515
+ "items": {
1516
+ "type": "object",
1517
+ "required": [
1518
+ "kind"
1519
+ ],
1520
+ "properties": {
1521
+ "kind": {
1522
+ "const": "mirred"
1523
+ }
1524
+ },
1525
+ "oneOf": [
1526
+ {
1527
+ "description": "[mirred](https://man7.org/linux/man-pages/man8/tc-mirred.8.html) - mirror/redirect action",
1528
+ "additionalProperties": false,
1529
+ "required": [
1530
+ "direction",
1531
+ "action",
1532
+ "dev"
1533
+ ],
1534
+ "properties": {
1535
+ "kind": {
1536
+ "const": "mirred"
1537
+ },
1538
+ "direction": {
1539
+ "description": "packet direction",
1540
+ "type": "string",
1541
+ "enum": [
1542
+ "ingress",
1543
+ "egress"
1544
+ ]
1545
+ },
1546
+ "action": {
1547
+ "description": "copy (`mirror`) or move (`redirect`) packets to the destination interface",
1548
+ "type": "string",
1549
+ "enum": [
1550
+ "mirror",
1551
+ "redirect"
1552
+ ]
1553
+ },
1554
+ "dev": {
1555
+ "description": "destination interface where packets are redirected or mirrored to",
1556
+ "$ref": "#/$defs/iface-link_link"
1557
+ },
1558
+ "index": {
1559
+ "description": "unique action ID",
1560
+ "type": "integer",
1561
+ "minimum": 0,
1562
+ "maximum": 4294967295
1563
+ }
1564
+ }
1565
+ }
1566
+ ]
1567
+ }
1568
+ },
1569
+ "xdp_mode": {
1570
+ "mode": {
1571
+ "oneOf": [
1572
+ {
1573
+ "description": "force attach mode of the XDP program (`auto`: let the kernel choose, `xdp`: run inside driver, `xdpgeneric`: driver-independent before SKB allocation, `xdpoffload`: offload to SmartNIC co-processor)",
1574
+ "type": "string",
1575
+ "enum": [
1576
+ "auto",
1577
+ "xdp",
1578
+ "xdpgeneric",
1579
+ "xdpoffload"
1580
+ ],
1581
+ "default": "auto"
1582
+ },
1583
+ {
1584
+ "description": "allowed attach modes of the XDP program (`xdp`: run inside driver, `xdpgeneric`: driver-independent before SKB allocation, `xdpoffload`: offload to SmartNIC co-processor)",
1585
+ "type": "array",
1586
+ "items": {
1587
+ "type": "string",
1588
+ "enum": [
1589
+ "xdp",
1590
+ "xdpgeneric",
1591
+ "xdpoffload"
1592
+ ]
1593
+ }
1594
+ }
1595
+ ]
1596
+ }
1597
+ }
1598
+ },
1599
+ "additionalProperties": false,
1600
+ "properties": {
1601
+ "parameters": {
1602
+ "description": "adjust the implicit behaviour of ifstate",
1603
+ "type": "object",
1604
+ "additionalProperties": false,
1605
+ "properties": {
1606
+ "cshaper": {
1607
+ "description": "cshaper templates",
1608
+ "type": "object",
1609
+ "patternProperties": {
1610
+ "": {
1611
+ "description": "cshaper profile",
1612
+ "type": "object",
1613
+ "additionalProperties": false,
1614
+ "required": [
1615
+ "egress_qdisc",
1616
+ "ingress_qdisc",
1617
+ "ingress_ifname"
1618
+ ],
1619
+ "properties": {
1620
+ "egress_qdisc": {
1621
+ "$ref": "#/$defs/tc-cake"
1622
+ },
1623
+ "ingress_qdisc": {
1624
+ "$ref": "#/$defs/tc-cake"
1625
+ },
1626
+ "ingress_ifname": {
1627
+ "description": "build a ifb ifname using a regex on the ifname",
1628
+ "type": "object",
1629
+ "additionalProperties": false,
1630
+ "required": [
1631
+ "search",
1632
+ "replace"
1633
+ ],
1634
+ "properties": {
1635
+ "search": {
1636
+ "description": "pattern to search",
1637
+ "type": "string"
1638
+ },
1639
+ "replace": {
1640
+ "description": "replace pattern by string",
1641
+ "type": "string"
1642
+ }
1643
+ }
1644
+ }
1645
+ }
1646
+ }
1647
+ },
1648
+ "required": [
1649
+ "default"
1650
+ ]
1651
+ },
1652
+ "defaults": {
1653
+ "description": "default settings for configured interfaces",
1654
+ "type": "array",
1655
+ "items": {
1656
+ "description": "first matching entry will be used, settings will be overriden by explicit configured interface settings",
1657
+ "type": "object",
1658
+ "required": [
1659
+ "match"
1660
+ ],
1661
+ "additionalProperties": false,
1662
+ "properties": {
1663
+ "match": {
1664
+ "description": "apply default settings for interfaces matching any list item (OR)",
1665
+ "type": "array",
1666
+ "items": {
1667
+ "description": "all conditions that must match (AND)",
1668
+ "type": "object",
1669
+ "additionalProperties": false,
1670
+ "properties": {
1671
+ "ifname": {
1672
+ "description": "regex to match interface name",
1673
+ "examples": [
1674
+ "^eth\\d+$"
1675
+ ],
1676
+ "type": "string"
1677
+ },
1678
+ "kind": {
1679
+ "description": "regex to match link type",
1680
+ "examples": [
1681
+ "^physical$",
1682
+ "^(physical|vlan)$"
1683
+ ],
1684
+ "type": "string"
1685
+ }
1686
+ }
1687
+ }
1688
+ },
1689
+ "clear_addresses": {
1690
+ "description": "implicit remove all ip addresses",
1691
+ "type": "boolean",
1692
+ "default": false
1693
+ },
1694
+ "clear_fdb": {
1695
+ "description": "implicit remove all permanent fdb entries",
1696
+ "type": "boolean",
1697
+ "default": false
1698
+ },
1699
+ "clear_neighbours": {
1700
+ "description": "implicit remove all permanent ip neighbours",
1701
+ "type": "boolean",
1702
+ "default": false
1703
+ },
1704
+ "clear_tc": {
1705
+ "description": "implicit remove all tc qdiscs",
1706
+ "type": "boolean",
1707
+ "default": false
1708
+ },
1709
+ "ethtool": {
1710
+ "$ref": "#/$defs/iface-ethtool"
1711
+ },
1712
+ "link": {
1713
+ "description": "implicit link settings for matching interfaces",
1714
+ "type": "object",
1715
+ "additionalProperties": false,
1716
+ "properties": {
1717
+ "group": {
1718
+ "$ref": "#/$defs/iface-link_group"
1719
+ },
1720
+ "state": {
1721
+ "$ref": "#/$defs/iface-link_state"
1722
+ },
1723
+ "master": {
1724
+ "$ref": "#/$defs/iface-link_master"
1725
+ },
1726
+ "mtu": {
1727
+ "$ref": "#/$defs/iface-link_mtu"
1728
+ },
1729
+ "txqlen": {
1730
+ "$ref": "#/$defs/iface-link_txqlen"
1731
+ },
1732
+ "ifalias": {
1733
+ "$ref": "#/$defs/iface-link_ifalias"
1734
+ },
1735
+ "link": {
1736
+ "$ref": "#/$defs/iface-link_link"
1737
+ },
1738
+ "link_netns": {
1739
+ "$ref": "#/$defs/iface-link_link-netns"
1740
+ }
1741
+ }
1742
+ }
1743
+ }
1744
+ }
1745
+ },
1746
+ "defaults_builtin": {
1747
+ "$ref": "#/properties/parameters/properties/defaults"
1748
+ },
1749
+ "hooks": {
1750
+ "description": "hooks are executed on interface configuration and can be used to spawn commands like DHCP client, wpa_supplicant or pppd.",
1751
+ "type": "object",
1752
+ "patternProperties": {
1753
+ "": {
1754
+ "description": "hook properties",
1755
+ "type": "object",
1756
+ "additionalProperties": false,
1757
+ "properties": {
1758
+ "script": {
1759
+ "description": "filename to be executed on interface configuration, the hook name will be used by default; relatives file are based on `/etc/needrestart/hooks`",
1760
+ "type": "string",
1761
+ "minLength": 1
1762
+ },
1763
+ "vrrp": {
1764
+ "description": "specify if the activation of this hook should follow the vrrp state for interfaces with a vrrp constraint",
1765
+ "type": "string",
1766
+ "enum": [
1767
+ "follow",
1768
+ "ignore"
1769
+ ],
1770
+ "default": "follow"
1771
+ },
1772
+ "provides": {
1773
+ "description": "aliases for dependency tracking",
1774
+ "type": "array",
1775
+ "default": []
1776
+ },
1777
+ "after": {
1778
+ "description": "hooks which should to be run before executing this script (hook names and provides)",
1779
+ "type": "array",
1780
+ "default": []
1781
+ }
1782
+ }
1783
+ }
1784
+ }
1785
+ },
1786
+ "ignore": {
1787
+ "description": "ignore patterns to skip interface, ip address or routing objects",
1788
+ "type": "object",
1789
+ "additionalProperties": false,
1790
+ "properties": {
1791
+ "ipaddr_builtin": {
1792
+ "$ref": "#/$defs/ignore-ipaddr"
1793
+ },
1794
+ "ipaddr": {
1795
+ "$ref": "#/$defs/ignore-ipaddr"
1796
+ },
1797
+ "ipaddr_dynamic": {
1798
+ "description": "ignore dynamic assigned ip addresses",
1799
+ "type": "boolean",
1800
+ "default": true
1801
+ },
1802
+ "ifname_builtin": {
1803
+ "$ref": "#/$defs/ignore-ifname"
1804
+ },
1805
+ "ifname": {
1806
+ "$ref": "#/$defs/ignore-ifname"
1807
+ },
1808
+ "fdb_builtin": {
1809
+ "$ref": "#/$defs/ignore-fdb"
1810
+ },
1811
+ "fdb": {
1812
+ "$ref": "#/$defs/ignore-fdb"
1813
+ },
1814
+ "routes_builtin": {
1815
+ "$ref": "#/$defs/ignore-routes"
1816
+ },
1817
+ "routes": {
1818
+ "$ref": "#/$defs/ignore-routes"
1819
+ },
1820
+ "rules_builtin": {
1821
+ "$ref": "#/$defs/ignore-rules"
1822
+ },
1823
+ "rules": {
1824
+ "$ref": "#/$defs/ignore-rules"
1825
+ },
1826
+ "netns": {
1827
+ "description": "netns namespaces matching this list of regex will be ignored",
1828
+ "type": "array",
1829
+ "items": {
1830
+ "description": "regex to match interface name",
1831
+ "examples": [
1832
+ "^tenant-\\d+"
1833
+ ],
1834
+ "type": "string"
1835
+ }
1836
+ }
1837
+ }
1838
+ }
1839
+ }
1840
+ },
1841
+ "bpf": {
1842
+ "description": "load and pin eBPF programs (i.e. for XDP)",
1843
+ "type": "object",
1844
+ "patternProperties": {
1845
+ "": {
1846
+ "description": "BPF program",
1847
+ "type": "object",
1848
+ "additionalProperties": false,
1849
+ "required": [
1850
+ "object",
1851
+ "section"
1852
+ ],
1853
+ "properties": {
1854
+ "object": {
1855
+ "description": "BPF ELF file to load",
1856
+ "type": "string"
1857
+ },
1858
+ "section": {
1859
+ "description": "BPF program's section name",
1860
+ "type": "string"
1861
+ }
1862
+ }
1863
+ }
1864
+ }
1865
+ },
1866
+ "interfaces": {
1867
+ "description": "list of interface settings (link settings and ip addresses)",
1868
+ "type": "object",
1869
+ "additionalProperties": false,
1870
+ "patternProperties": {
1871
+ "^[^/ ]{1,15}$": {
1872
+ "type": "object",
1873
+ "required": [
1874
+ "link"
1875
+ ],
1876
+ "additionalProperties": false,
1877
+ "properties": {
1878
+ "identify": {
1879
+ "description": "netlink and devicetree attributes to identify a specific physical interface; **all** given attributes must match; if more than a single interface does match, any one is taken; `ifstatecli identify` can be used to show available attributes",
1880
+ "additionalProperties": false,
1881
+ "properties": {
1882
+ "perm_address": {
1883
+ "description": "select interface by permanent address [ethtool -P]",
1884
+ "$ref": "#/$defs/iface-link_address"
1885
+ },
1886
+ "parent_dev_name": {
1887
+ "description": "select interface by bus info [ethtool -i]",
1888
+ "type": "string"
1889
+ },
1890
+ "parent_dev_bus_name": {
1891
+ "description": "select interface by bus name",
1892
+ "type": "string"
1893
+ },
1894
+ "phys_port_id": {
1895
+ "description": "identifier of the physical port",
1896
+ "type": "string"
1897
+ },
1898
+ "phys_port_name": {
1899
+ "description": "name of the physical port",
1900
+ "type": "string"
1901
+ },
1902
+ "phys_switch_id": {
1903
+ "description": "identifier of the physical switch",
1904
+ "type": "string"
1905
+ },
1906
+ "of_node": {
1907
+ "description": "path to the device node in the open firmware devicetree; this is only available if the platform has devicetree support"
1908
+ }
1909
+ }
1910
+ },
1911
+ "addresses": {
1912
+ "description": "ip addresses of the interface",
1913
+ "type": "array",
1914
+ "items": {
1915
+ "type": "string",
1916
+ "examples": [
1917
+ "192.0.2.1",
1918
+ "192.168.0.1/24",
1919
+ "2001:db8::1/64"
1920
+ ]
1921
+ }
1922
+ },
1923
+ "brport": {
1924
+ "description": "settings for bridge ports",
1925
+ "type": "object",
1926
+ "additionalProperties": false,
1927
+ "properties": {
1928
+ "priority": {
1929
+ "description": "set port priority",
1930
+ "type": "integer",
1931
+ "minimum": 0,
1932
+ "maximum": 63
1933
+ },
1934
+ "cost": {
1935
+ "description": "set port cost",
1936
+ "minimum": 1,
1937
+ "maximum": 65535
1938
+ },
1939
+ "guard": {
1940
+ "description": "filter BPDU packets",
1941
+ "type": "boolean"
1942
+ },
1943
+ "mode": {
1944
+ "description": "enable hairpin mode",
1945
+ "type": "boolean"
1946
+ },
1947
+ "fast_leave": {
1948
+ "description": "enable multicast fast leave",
1949
+ "type": "boolean"
1950
+ },
1951
+ "protect": {
1952
+ "description": "prevent to become a root port",
1953
+ "type": "boolean"
1954
+ },
1955
+ "learning": {
1956
+ "description": "allow MAC address learning",
1957
+ "type": "boolean"
1958
+ },
1959
+ "unicast_flood": {
1960
+ "description": "flood unknown unicasts",
1961
+ "type": "boolean"
1962
+ },
1963
+ "bcast_flood": {
1964
+ "description": "flood broadcasts",
1965
+ "type": "boolean"
1966
+ },
1967
+ "mcast_flood": {
1968
+ "description": "flood multicasts",
1969
+ "type": "boolean"
1970
+ },
1971
+ "mcast_to_ucast": {
1972
+ "description": "clone multicast packets into unicasts",
1973
+ "type": "boolean"
1974
+ },
1975
+ "proxyarp": {
1976
+ "description": "enable proxy ARP",
1977
+ "type": "boolean"
1978
+ },
1979
+ "proxyarp_wifi": {
1980
+ "description": "enable proxy ARP (IEEE 802.11 and Hotspot 2.0)",
1981
+ "type": "boolean"
1982
+ },
1983
+ "neigh_suppress": {
1984
+ "description": "ARP and ND suppression",
1985
+ "type": "boolean"
1986
+ },
1987
+ "vlan_tunnel": {
1988
+ "description": "VLAN to tunnel mapping",
1989
+ "type": "boolean"
1990
+ },
1991
+ "backup_port": {
1992
+ "description": "backup bridge port on loss carrier",
1993
+ "$ref": "#/$defs/iface-link_link"
1994
+ },
1995
+ "isolated": {
1996
+ "description": "isolated port, can communicate only with non-isolated ports",
1997
+ "type": "boolean"
1998
+ }
1999
+ }
2000
+ },
2001
+ "fdb": {
2002
+ "description": "forwarding database for bridge interfaces, the entries are distinct by the `lladdr` property",
2003
+ "type": "array",
2004
+ "items": {
2005
+ "type": "object",
2006
+ "additionalProperties": false,
2007
+ "required": [
2008
+ "lladdr"
2009
+ ],
2010
+ "properties": {
2011
+ "lladdr": {
2012
+ "description": "destination link layer address",
2013
+ "$ref": "#/$defs/iface-link_address",
2014
+ "default": null
2015
+ },
2016
+ "dst": {
2017
+ "description": "ip address of the destination VXLAN tunnel endpoint",
2018
+ "type": "string",
2019
+ "oneOf": [
2020
+ {
2021
+ "format": "ipv4"
2022
+ },
2023
+ {
2024
+ "format": "ipv6"
2025
+ }
2026
+ ]
2027
+ },
2028
+ "nhid": {
2029
+ "description": "ecmp nexthop group for the VXLAN device driver",
2030
+ "type": "integer",
2031
+ "minimum": 1
2032
+ },
2033
+ "port": {
2034
+ "description": "destination port number to use to connect to the remote VXLAN tunnel endpoint",
2035
+ "type": "integer",
2036
+ "minimum": 0,
2037
+ "maximum": 65535
2038
+ },
2039
+ "vni": {
2040
+ "description": "virtual network identifier this entry belongs to",
2041
+ "type": "integer",
2042
+ "minimum": 0,
2043
+ "maximum": 16777215
2044
+ },
2045
+ "flags": {
2046
+ "type": "array",
2047
+ "items": [
2048
+ {
2049
+ "type": "string",
2050
+ "enum": [
2051
+ "self",
2052
+ "master",
2053
+ "router",
2054
+ "use",
2055
+ "sticky"
2056
+ ]
2057
+ }
2058
+ ]
2059
+ },
2060
+ "state": {
2061
+ "type": "array",
2062
+ "items": [
2063
+ {
2064
+ "type": "string",
2065
+ "enum": [
2066
+ "permanent",
2067
+ "noarp"
2068
+ ]
2069
+ }
2070
+ ]
2071
+ }
2072
+ }
2073
+ }
2074
+ },
2075
+ "hooks": {
2076
+ "description": "list of hook names enabled for the interfaces",
2077
+ "type": "array",
2078
+ "items": [
2079
+ {
2080
+ "type": "object",
2081
+ "additionalProperties": false,
2082
+ "required": [
2083
+ "name"
2084
+ ],
2085
+ "properties": {
2086
+ "name": {
2087
+ "description": "name of the hook defined in [$.parameters.hooks](#parameters_hooks)`",
2088
+ "type": "string",
2089
+ "minLength": 1
2090
+ },
2091
+ "args": {
2092
+ "description": "dictonary to be passed to hooks as environment variables",
2093
+ "type": "object",
2094
+ "default": {}
2095
+ }
2096
+ }
2097
+ }
2098
+ ],
2099
+ "default": []
2100
+ },
2101
+ "vrrp": {
2102
+ "$ref": "#/$defs/condition-vrrp"
2103
+ },
2104
+ "link": {
2105
+ "description": "link settings of the interface",
2106
+ "type": "object",
2107
+ "required": [
2108
+ "kind"
2109
+ ],
2110
+ "oneOf": [
2111
+ {
2112
+ "description": "Intermediate Functional Block device",
2113
+ "required": [
2114
+ "kind"
2115
+ ],
2116
+ "additionalProperties": false,
2117
+ "properties": {
2118
+ "kind": {
2119
+ "const": "ifb",
2120
+ "description": "link type"
2121
+ },
2122
+ "address": {
2123
+ "$ref": "#/$defs/iface-link_address"
2124
+ },
2125
+ "group": {
2126
+ "$ref": "#/$defs/iface-link_group"
2127
+ },
2128
+ "state": {
2129
+ "$ref": "#/$defs/iface-link_state"
2130
+ },
2131
+ "master": {
2132
+ "$ref": "#/$defs/iface-link_master"
2133
+ },
2134
+ "mtu": {
2135
+ "$ref": "#/$defs/iface-link_mtu"
2136
+ },
2137
+ "txqlen": {
2138
+ "$ref": "#/$defs/iface-link_txqlen"
2139
+ },
2140
+ "ifalias": {
2141
+ "$ref": "#/$defs/iface-link_ifalias"
2142
+ }
2143
+ }
2144
+ },
2145
+ {
2146
+ "description": "Virtual tunnel interface IPv4|IPv6 over IPv6",
2147
+ "required": [
2148
+ "kind"
2149
+ ],
2150
+ "properties": {
2151
+ "kind": {
2152
+ "const": "ip6tnl",
2153
+ "description": "link type"
2154
+ },
2155
+ "address": {
2156
+ "$ref": "#/$defs/iface-link_address"
2157
+ },
2158
+ "bind_netns": {
2159
+ "$ref": "#/$defs/iface-link_bind-netns"
2160
+ },
2161
+ "group": {
2162
+ "$ref": "#/$defs/iface-link_group"
2163
+ },
2164
+ "state": {
2165
+ "$ref": "#/$defs/iface-link_state"
2166
+ },
2167
+ "master": {
2168
+ "$ref": "#/$defs/iface-link_master"
2169
+ },
2170
+ "mtu": {
2171
+ "$ref": "#/$defs/iface-link_mtu"
2172
+ },
2173
+ "txqlen": {
2174
+ "$ref": "#/$defs/iface-link_txqlen"
2175
+ },
2176
+ "ifalias": {
2177
+ "$ref": "#/$defs/iface-link_ifalias"
2178
+ }
2179
+ }
2180
+ },
2181
+ {
2182
+ "description": "IP over Infiniband device",
2183
+ "required": [
2184
+ "kind"
2185
+ ],
2186
+ "properties": {
2187
+ "kind": {
2188
+ "const": "ipoib",
2189
+ "description": "link type"
2190
+ },
2191
+ "address": {
2192
+ "$ref": "#/$defs/iface-link_address"
2193
+ },
2194
+ "group": {
2195
+ "$ref": "#/$defs/iface-link_group"
2196
+ },
2197
+ "state": {
2198
+ "$ref": "#/$defs/iface-link_state"
2199
+ },
2200
+ "master": {
2201
+ "$ref": "#/$defs/iface-link_master"
2202
+ },
2203
+ "mtu": {
2204
+ "$ref": "#/$defs/iface-link_mtu"
2205
+ },
2206
+ "txqlen": {
2207
+ "$ref": "#/$defs/iface-link_txqlen"
2208
+ },
2209
+ "ifalias": {
2210
+ "$ref": "#/$defs/iface-link_ifalias"
2211
+ }
2212
+ }
2213
+ },
2214
+ {
2215
+ "description": "Interface for L3 (IPv6/IPv4) based VLANs",
2216
+ "required": [
2217
+ "kind"
2218
+ ],
2219
+ "properties": {
2220
+ "kind": {
2221
+ "const": "ipvlan",
2222
+ "description": "link type"
2223
+ },
2224
+ "address": {
2225
+ "$ref": "#/$defs/iface-link_address"
2226
+ },
2227
+ "group": {
2228
+ "$ref": "#/$defs/iface-link_group"
2229
+ },
2230
+ "state": {
2231
+ "$ref": "#/$defs/iface-link_state"
2232
+ },
2233
+ "master": {
2234
+ "$ref": "#/$defs/iface-link_master"
2235
+ },
2236
+ "mtu": {
2237
+ "$ref": "#/$defs/iface-link_mtu"
2238
+ },
2239
+ "txqlen": {
2240
+ "$ref": "#/$defs/iface-link_txqlen"
2241
+ },
2242
+ "ifalias": {
2243
+ "$ref": "#/$defs/iface-link_ifalias"
2244
+ }
2245
+ }
2246
+ },
2247
+ {
2248
+ "description": "Virtual interface base on link layer address (MAC)",
2249
+ "required": [
2250
+ "kind"
2251
+ ],
2252
+ "properties": {
2253
+ "kind": {
2254
+ "const": "macvlan",
2255
+ "description": "link type"
2256
+ },
2257
+ "address": {
2258
+ "$ref": "#/$defs/iface-link_address"
2259
+ },
2260
+ "group": {
2261
+ "$ref": "#/$defs/iface-link_group"
2262
+ },
2263
+ "state": {
2264
+ "$ref": "#/$defs/iface-link_state"
2265
+ },
2266
+ "master": {
2267
+ "$ref": "#/$defs/iface-link_master"
2268
+ },
2269
+ "mtu": {
2270
+ "$ref": "#/$defs/iface-link_mtu"
2271
+ },
2272
+ "txqlen": {
2273
+ "$ref": "#/$defs/iface-link_txqlen"
2274
+ },
2275
+ "ifalias": {
2276
+ "$ref": "#/$defs/iface-link_ifalias"
2277
+ }
2278
+ }
2279
+ },
2280
+ {
2281
+ "description": "Virtual interface based on link layer address (MAC) and TAP",
2282
+ "required": [
2283
+ "kind"
2284
+ ],
2285
+ "properties": {
2286
+ "kind": {
2287
+ "const": "macvtap",
2288
+ "description": "link type"
2289
+ },
2290
+ "address": {
2291
+ "$ref": "#/$defs/iface-link_address"
2292
+ },
2293
+ "group": {
2294
+ "$ref": "#/$defs/iface-link_group"
2295
+ },
2296
+ "state": {
2297
+ "$ref": "#/$defs/iface-link_state"
2298
+ },
2299
+ "master": {
2300
+ "$ref": "#/$defs/iface-link_master"
2301
+ },
2302
+ "mtu": {
2303
+ "$ref": "#/$defs/iface-link_mtu"
2304
+ },
2305
+ "txqlen": {
2306
+ "$ref": "#/$defs/iface-link_txqlen"
2307
+ },
2308
+ "ifalias": {
2309
+ "$ref": "#/$defs/iface-link_ifalias"
2310
+ }
2311
+ }
2312
+ },
2313
+ {
2314
+ "description": "Team network device",
2315
+ "required": [
2316
+ "kind"
2317
+ ],
2318
+ "properties": {
2319
+ "kind": {
2320
+ "const": "team",
2321
+ "description": "link type"
2322
+ },
2323
+ "address": {
2324
+ "$ref": "#/$defs/iface-link_address"
2325
+ },
2326
+ "group": {
2327
+ "$ref": "#/$defs/iface-link_group"
2328
+ },
2329
+ "state": {
2330
+ "$ref": "#/$defs/iface-link_state"
2331
+ },
2332
+ "master": {
2333
+ "$ref": "#/$defs/iface-link_master"
2334
+ },
2335
+ "mtu": {
2336
+ "$ref": "#/$defs/iface-link_mtu"
2337
+ },
2338
+ "txqlen": {
2339
+ "$ref": "#/$defs/iface-link_txqlen"
2340
+ },
2341
+ "ifalias": {
2342
+ "$ref": "#/$defs/iface-link_ifalias"
2343
+ }
2344
+ }
2345
+ },
2346
+ {
2347
+ "description": "Virtual software device (TUN/TAP)",
2348
+ "required": [
2349
+ "kind",
2350
+ "tun_type"
2351
+ ],
2352
+ "additionalProperties": false,
2353
+ "properties": {
2354
+ "kind": {
2355
+ "const": "tun",
2356
+ "description": "link type"
2357
+ },
2358
+ "address": {
2359
+ "$ref": "#/$defs/iface-link_address"
2360
+ },
2361
+ "bind_netns": {
2362
+ "$ref": "#/$defs/iface-link_bind-netns"
2363
+ },
2364
+ "group": {
2365
+ "$ref": "#/$defs/iface-link_group"
2366
+ },
2367
+ "state": {
2368
+ "$ref": "#/$defs/iface-link_state"
2369
+ },
2370
+ "master": {
2371
+ "$ref": "#/$defs/iface-link_master"
2372
+ },
2373
+ "mtu": {
2374
+ "$ref": "#/$defs/iface-link_mtu"
2375
+ },
2376
+ "txqlen": {
2377
+ "$ref": "#/$defs/iface-link_txqlen"
2378
+ },
2379
+ "ifalias": {
2380
+ "$ref": "#/$defs/iface-link_ifalias"
2381
+ },
2382
+ "tun_type": {
2383
+ "description": "device mode (Ethernet headers)",
2384
+ "default": "tap",
2385
+ "enum": [
2386
+ 1,
2387
+ "tun",
2388
+ 2,
2389
+ "tap"
2390
+ ]
2391
+ },
2392
+ "tun_pi": {
2393
+ "description": "provide packet information",
2394
+ "type": [
2395
+ "boolean",
2396
+ "integer"
2397
+ ],
2398
+ "default": false,
2399
+ "enum": [
2400
+ 0,
2401
+ false,
2402
+ 1,
2403
+ true
2404
+ ]
2405
+ },
2406
+ "tun_persist": {
2407
+ "description": "persistent device; non-persistent devices cannot be created",
2408
+ "type": [
2409
+ "boolean",
2410
+ "integer"
2411
+ ],
2412
+ "default": false,
2413
+ "enum": [
2414
+ 0,
2415
+ false,
2416
+ 1,
2417
+ true
2418
+ ]
2419
+ },
2420
+ "tun_vnet_hdr": {
2421
+ "description": "prepend frames with struct virtio_net_hdr",
2422
+ "default": false,
2423
+ "enum": [
2424
+ 0,
2425
+ false,
2426
+ 1,
2427
+ true
2428
+ ]
2429
+ },
2430
+ "tun_multi_queue": {
2431
+ "description": "enable multiqueue tuntap",
2432
+ "type": [
2433
+ "boolean",
2434
+ "integer"
2435
+ ],
2436
+ "default": false,
2437
+ "enum": [
2438
+ 0,
2439
+ false,
2440
+ 1,
2441
+ true
2442
+ ]
2443
+ },
2444
+ "tun_owner": {
2445
+ "description": "device owner",
2446
+ "type": [
2447
+ "integer",
2448
+ "string"
2449
+ ]
2450
+ },
2451
+ "tun_group": {
2452
+ "description": "device group",
2453
+ "type": [
2454
+ "integer",
2455
+ "string"
2456
+ ]
2457
+ }
2458
+ }
2459
+ },
2460
+ {
2461
+ "description": "Virtual Routing and Forwarding device",
2462
+ "required": [
2463
+ "kind",
2464
+ "vrf_table"
2465
+ ],
2466
+ "additionalProperties": false,
2467
+ "properties": {
2468
+ "kind": {
2469
+ "const": "vrf",
2470
+ "description": "link type"
2471
+ },
2472
+ "address": {
2473
+ "$ref": "#/$defs/iface-link_address"
2474
+ },
2475
+ "group": {
2476
+ "$ref": "#/$defs/iface-link_group"
2477
+ },
2478
+ "state": {
2479
+ "$ref": "#/$defs/iface-link_state"
2480
+ },
2481
+ "master": {
2482
+ "$ref": "#/$defs/iface-link_master"
2483
+ },
2484
+ "mtu": {
2485
+ "$ref": "#/$defs/iface-link_mtu"
2486
+ },
2487
+ "txqlen": {
2488
+ "$ref": "#/$defs/iface-link_txqlen"
2489
+ },
2490
+ "vrf_table": {
2491
+ "description": "routing table associated with the VRF device",
2492
+ "type": [
2493
+ "integer",
2494
+ "string"
2495
+ ],
2496
+ "minimum": 1,
2497
+ "maximum": 4294967295
2498
+ },
2499
+ "ifalias": {
2500
+ "$ref": "#/$defs/iface-link_ifalias"
2501
+ }
2502
+ }
2503
+ },
2504
+ {
2505
+ "description": "Virtual tunnel interface over IPv4",
2506
+ "required": [
2507
+ "kind"
2508
+ ],
2509
+ "properties": {
2510
+ "kind": {
2511
+ "const": "vti",
2512
+ "description": "link type"
2513
+ },
2514
+ "address": {
2515
+ "$ref": "#/$defs/iface-link_address"
2516
+ },
2517
+ "bind_netns": {
2518
+ "$ref": "#/$defs/iface-link_bind-netns"
2519
+ },
2520
+ "group": {
2521
+ "$ref": "#/$defs/iface-link_group"
2522
+ },
2523
+ "state": {
2524
+ "$ref": "#/$defs/iface-link_state"
2525
+ },
2526
+ "master": {
2527
+ "$ref": "#/$defs/iface-link_master"
2528
+ },
2529
+ "mtu": {
2530
+ "$ref": "#/$defs/iface-link_mtu"
2531
+ },
2532
+ "txqlen": {
2533
+ "$ref": "#/$defs/iface-link_txqlen"
2534
+ },
2535
+ "ifalias": {
2536
+ "$ref": "#/$defs/iface-link_ifalias"
2537
+ }
2538
+ }
2539
+ },
2540
+ {
2541
+ "description": "Virtual tunnel interface over IPv6",
2542
+ "required": [
2543
+ "kind"
2544
+ ],
2545
+ "properties": {
2546
+ "kind": {
2547
+ "const": "vti6",
2548
+ "description": "link type"
2549
+ },
2550
+ "address": {
2551
+ "$ref": "#/$defs/iface-link_address"
2552
+ },
2553
+ "bind_netns": {
2554
+ "$ref": "#/$defs/iface-link_bind-netns"
2555
+ },
2556
+ "group": {
2557
+ "$ref": "#/$defs/iface-link_group"
2558
+ },
2559
+ "state": {
2560
+ "$ref": "#/$defs/iface-link_state"
2561
+ },
2562
+ "master": {
2563
+ "$ref": "#/$defs/iface-link_master"
2564
+ },
2565
+ "mtu": {
2566
+ "$ref": "#/$defs/iface-link_mtu"
2567
+ },
2568
+ "txqlen": {
2569
+ "$ref": "#/$defs/iface-link_txqlen"
2570
+ },
2571
+ "ifalias": {
2572
+ "$ref": "#/$defs/iface-link_ifalias"
2573
+ }
2574
+ }
2575
+ },
2576
+ {
2577
+ "description": "Bonding network interface",
2578
+ "required": [
2579
+ "kind"
2580
+ ],
2581
+ "additionalProperties": false,
2582
+ "properties": {
2583
+ "kind": {
2584
+ "const": "bond",
2585
+ "description": "link type"
2586
+ },
2587
+ "address": {
2588
+ "$ref": "#/$defs/iface-link_address"
2589
+ },
2590
+ "group": {
2591
+ "$ref": "#/$defs/iface-link_group"
2592
+ },
2593
+ "state": {
2594
+ "$ref": "#/$defs/iface-link_state"
2595
+ },
2596
+ "master": {
2597
+ "$ref": "#/$defs/iface-link_master"
2598
+ },
2599
+ "mtu": {
2600
+ "$ref": "#/$defs/iface-link_mtu"
2601
+ },
2602
+ "txqlen": {
2603
+ "$ref": "#/$defs/iface-link_txqlen"
2604
+ },
2605
+ "ifalias": {
2606
+ "$ref": "#/$defs/iface-link_ifalias"
2607
+ },
2608
+ "bond_mode": {
2609
+ "enum": [
2610
+ 0,
2611
+ "balance-rr",
2612
+ 1,
2613
+ "active-backup",
2614
+ 2,
2615
+ "balance-xor",
2616
+ 3,
2617
+ "broadcast",
2618
+ 4,
2619
+ "802.3ad",
2620
+ 5,
2621
+ "balance-tlb",
2622
+ 6,
2623
+ "balance-alb"
2624
+ ],
2625
+ "default": "balance-rr",
2626
+ "description": "the bonding policy"
2627
+ },
2628
+ "bond_miimon": {
2629
+ "type": "integer",
2630
+ "minimum": 0,
2631
+ "default": 0,
2632
+ "description": "MII link monitoring frequency in milliseconds"
2633
+ },
2634
+ "bond_updelay": {
2635
+ "type": "integer",
2636
+ "minimum": 0,
2637
+ "default": 0,
2638
+ "description": "time, in milliseconds, to wait before enabling a slave after a link recovery has been detected"
2639
+ },
2640
+ "bond_downdelay": {
2641
+ "type": "integer",
2642
+ "minimum": 0,
2643
+ "default": 0,
2644
+ "description": "time, in milliseconds, to wait before disabling a slave after a link failure has been detected"
2645
+ },
2646
+ "bond_use_carrier": {
2647
+ "enum": [
2648
+ 0,
2649
+ 1
2650
+ ],
2651
+ "default": 1,
2652
+ "description": "use MII or ETHTOOL ioctls vs. netif_carrier_ok() to determine the link status"
2653
+ },
2654
+ "bond_arp_interval": {
2655
+ "type": "integer",
2656
+ "minimum": 0,
2657
+ "default": 0,
2658
+ "description": "ARP link monitoring frequency in milliseconds"
2659
+ },
2660
+ "bond_arp_validate": {
2661
+ "enum": [
2662
+ 0,
2663
+ "none",
2664
+ 1,
2665
+ "active",
2666
+ 2,
2667
+ "backup",
2668
+ 3,
2669
+ "all",
2670
+ 4,
2671
+ "filter",
2672
+ 5,
2673
+ "filter_active",
2674
+ 6,
2675
+ "filter_backup"
2676
+ ],
2677
+ "default": "none",
2678
+ "description": "arp validation for arp monitoring"
2679
+ },
2680
+ "bond_arp_all_targets": {
2681
+ "enum": [
2682
+ 0,
2683
+ "any",
2684
+ 1,
2685
+ "all"
2686
+ ],
2687
+ "default": "any",
2688
+ "description": "quantity of arp_ip_targets that must be reachable"
2689
+ },
2690
+ "bond_primary_reselect": {
2691
+ "enum": [
2692
+ 0,
2693
+ "always",
2694
+ 1,
2695
+ "better",
2696
+ 2,
2697
+ "failure"
2698
+ ],
2699
+ "default": "always",
2700
+ "description": "reselection policy for the primary slave"
2701
+ },
2702
+ "bond_fail_over_mac": {
2703
+ "enum": [
2704
+ 0,
2705
+ "none",
2706
+ 1,
2707
+ "active",
2708
+ 2,
2709
+ "follow"
2710
+ ],
2711
+ "default": "none",
2712
+ "description": "slave mac address selection"
2713
+ },
2714
+ "bond_xmit_hash_policy": {
2715
+ "enum": [
2716
+ 0,
2717
+ "layer2",
2718
+ 1,
2719
+ "layer3+4",
2720
+ 2,
2721
+ "layer2+3",
2722
+ 3,
2723
+ "encap2+3",
2724
+ 4,
2725
+ "encap3+4",
2726
+ 5,
2727
+ "vlan+srcmac"
2728
+ ],
2729
+ "default": "layer2",
2730
+ "description": "transmit hash policy to use for slave selection"
2731
+ },
2732
+ "bond_resend_igmp": {
2733
+ "type": "integer",
2734
+ "minimum": 0,
2735
+ "maximum": 255,
2736
+ "default": 1,
2737
+ "description": "number of IGMP membership reports to be issued after a failover event"
2738
+ },
2739
+ "bond_num_peer_notif": {
2740
+ "type": "integer",
2741
+ "minimum": 0,
2742
+ "default": 1
2743
+ },
2744
+ "bond_all_slaves_active": {
2745
+ "enum": [
2746
+ 0,
2747
+ 1
2748
+ ],
2749
+ "default": 1,
2750
+ "description": "dropped (0) or delivered (1) duplicate frames"
2751
+ },
2752
+ "bond_min_links": {
2753
+ "type": "integer",
2754
+ "minimum": 0,
2755
+ "default": 0,
2756
+ "description": "number of links that must be active before asserting carrier"
2757
+ },
2758
+ "bond_lp_interval": {
2759
+ "type": "integer",
2760
+ "minimum": 0,
2761
+ "maximum": 2147483647,
2762
+ "default": 1,
2763
+ "description": "number of seconds between instances where the bonding driver sends learning packets to each slaves peer switch"
2764
+ },
2765
+ "bond_packets_per_slave": {
2766
+ "type": "integer",
2767
+ "minimum": 0,
2768
+ "maximum": 65535,
2769
+ "default": 1,
2770
+ "description": "number of packets to transmit through a slave before moving to the next one"
2771
+ },
2772
+ "bond_ad_lacp_rate": {
2773
+ "enum": [
2774
+ 0,
2775
+ "slow",
2776
+ 1,
2777
+ "fast"
2778
+ ],
2779
+ "default": "slow",
2780
+ "description": "requested LACPDU packet rate in 802.3ad mode"
2781
+ },
2782
+ "bond_ad_select": {
2783
+ "enum": [
2784
+ 0,
2785
+ "stable",
2786
+ 1,
2787
+ "bandwidth",
2788
+ 2,
2789
+ "count"
2790
+ ],
2791
+ "default": "stable",
2792
+ "description": "802.3ad aggregation selection logic to use"
2793
+ },
2794
+ "bond_tlb_dynamic_lb": {
2795
+ "enum": [
2796
+ 0,
2797
+ 1
2798
+ ],
2799
+ "default": 1,
2800
+ "description": "dynamic shuffling of flows in tlb mode"
2801
+ }
2802
+ }
2803
+ },
2804
+ {
2805
+ "description": "Bridge network interface",
2806
+ "required": [
2807
+ "kind"
2808
+ ],
2809
+ "properties": {
2810
+ "kind": {
2811
+ "const": "bridge",
2812
+ "description": "link type"
2813
+ },
2814
+ "address": {
2815
+ "$ref": "#/$defs/iface-link_address"
2816
+ },
2817
+ "group": {
2818
+ "$ref": "#/$defs/iface-link_group"
2819
+ },
2820
+ "state": {
2821
+ "$ref": "#/$defs/iface-link_state"
2822
+ },
2823
+ "master": {
2824
+ "$ref": "#/$defs/iface-link_master"
2825
+ },
2826
+ "mtu": {
2827
+ "$ref": "#/$defs/iface-link_mtu"
2828
+ },
2829
+ "txqlen": {
2830
+ "$ref": "#/$defs/iface-link_txqlen"
2831
+ },
2832
+ "ifalias": {
2833
+ "$ref": "#/$defs/iface-link_ifalias"
2834
+ },
2835
+ "br_ageing_time": {
2836
+ "type": "integer",
2837
+ "minimum": 0,
2838
+ "default": 30000,
2839
+ "description": "FDB entry ageing time in milliseconds"
2840
+ },
2841
+ "br_vlan_protocol": {
2842
+ "enum": [
2843
+ 33024,
2844
+ "802.1q",
2845
+ 34984,
2846
+ "802.1ad"
2847
+ ],
2848
+ "default": "802.1q",
2849
+ "description": "802.1q or 802.1ad (Q-in-Q)"
2850
+ }
2851
+ }
2852
+ },
2853
+ {
2854
+ "description": "Physical network interface",
2855
+ "required": [
2856
+ "kind"
2857
+ ],
2858
+ "additionalProperties": false,
2859
+ "properties": {
2860
+ "kind": {
2861
+ "type": "string",
2862
+ "description": "link type",
2863
+ "enum": [
2864
+ "physical"
2865
+ ]
2866
+ },
2867
+ "address": {
2868
+ "$ref": "#/$defs/iface-link_address"
2869
+ },
2870
+ "group": {
2871
+ "$ref": "#/$defs/iface-link_group"
2872
+ },
2873
+ "state": {
2874
+ "$ref": "#/$defs/iface-link_state"
2875
+ },
2876
+ "master": {
2877
+ "$ref": "#/$defs/iface-link_master"
2878
+ },
2879
+ "mtu": {
2880
+ "$ref": "#/$defs/iface-link_mtu"
2881
+ },
2882
+ "txqlen": {
2883
+ "$ref": "#/$defs/iface-link_txqlen"
2884
+ },
2885
+ "ifalias": {
2886
+ "$ref": "#/$defs/iface-link_ifalias"
2887
+ }
2888
+ }
2889
+ },
2890
+ {
2891
+ "description": "Dummy network interface",
2892
+ "required": [
2893
+ "kind"
2894
+ ],
2895
+ "additionalProperties": false,
2896
+ "properties": {
2897
+ "kind": {
2898
+ "type": "string",
2899
+ "description": "link type",
2900
+ "enum": [
2901
+ "dummy"
2902
+ ]
2903
+ },
2904
+ "address": {
2905
+ "$ref": "#/$defs/iface-link_address"
2906
+ },
2907
+ "group": {
2908
+ "$ref": "#/$defs/iface-link_group"
2909
+ },
2910
+ "state": {
2911
+ "$ref": "#/$defs/iface-link_state"
2912
+ },
2913
+ "master": {
2914
+ "$ref": "#/$defs/iface-link_master"
2915
+ },
2916
+ "mtu": {
2917
+ "$ref": "#/$defs/iface-link_mtu"
2918
+ },
2919
+ "txqlen": {
2920
+ "$ref": "#/$defs/iface-link_txqlen"
2921
+ },
2922
+ "ifalias": {
2923
+ "$ref": "#/$defs/iface-link_ifalias"
2924
+ }
2925
+ }
2926
+ },
2927
+ {
2928
+ "description": "VETH/VXCAN interface",
2929
+ "required": [
2930
+ "kind",
2931
+ "peer"
2932
+ ],
2933
+ "additionalProperties": false,
2934
+ "properties": {
2935
+ "kind": {
2936
+ "type": "string",
2937
+ "description": "link type",
2938
+ "enum": [
2939
+ "veth",
2940
+ "vxcan"
2941
+ ]
2942
+ },
2943
+ "address": {
2944
+ "$ref": "#/$defs/iface-link_address"
2945
+ },
2946
+ "group": {
2947
+ "$ref": "#/$defs/iface-link_group"
2948
+ },
2949
+ "peer": {
2950
+ "$ref": "#/$defs/iface-link_link"
2951
+ },
2952
+ "peer_netns": {
2953
+ "type": [
2954
+ "string",
2955
+ "null"
2956
+ ],
2957
+ "description": "specifies the peer's netns name or null if the peer isn't in a netns namespace"
2958
+ },
2959
+ "state": {
2960
+ "$ref": "#/$defs/iface-link_state"
2961
+ },
2962
+ "master": {
2963
+ "$ref": "#/$defs/iface-link_master"
2964
+ },
2965
+ "mtu": {
2966
+ "$ref": "#/$defs/iface-link_mtu"
2967
+ },
2968
+ "txqlen": {
2969
+ "$ref": "#/$defs/iface-link_txqlen"
2970
+ },
2971
+ "ifalias": {
2972
+ "$ref": "#/$defs/iface-link_ifalias"
2973
+ }
2974
+ }
2975
+ },
2976
+ {
2977
+ "description": "VLAN interface",
2978
+ "required": [
2979
+ "kind",
2980
+ "link",
2981
+ "vlan_id"
2982
+ ],
2983
+ "additionalProperties": false,
2984
+ "properties": {
2985
+ "kind": {
2986
+ "const": "vlan",
2987
+ "description": "link type"
2988
+ },
2989
+ "address": {
2990
+ "$ref": "#/$defs/iface-link_address"
2991
+ },
2992
+ "group": {
2993
+ "$ref": "#/$defs/iface-link_group"
2994
+ },
2995
+ "state": {
2996
+ "$ref": "#/$defs/iface-link_state"
2997
+ },
2998
+ "master": {
2999
+ "$ref": "#/$defs/iface-link_master"
3000
+ },
3001
+ "mtu": {
3002
+ "$ref": "#/$defs/iface-link_mtu"
3003
+ },
3004
+ "txqlen": {
3005
+ "$ref": "#/$defs/iface-link_txqlen"
3006
+ },
3007
+ "ifalias": {
3008
+ "$ref": "#/$defs/iface-link_ifalias"
3009
+ },
3010
+ "link": {
3011
+ "$ref": "#/$defs/iface-link_link"
3012
+ },
3013
+ "link_netns": {
3014
+ "$ref": "#/$defs/iface-link_link-netns"
3015
+ },
3016
+ "vlan_id": {
3017
+ "type": [
3018
+ "integer"
3019
+ ],
3020
+ "minimum": 0,
3021
+ "maximum": 4094,
3022
+ "description": "specifies the VLAN identifier to use"
3023
+ },
3024
+ "vlan_protocol": {
3025
+ "enum": [
3026
+ 33024,
3027
+ "802.1q",
3028
+ 34984,
3029
+ "802.1ad"
3030
+ ],
3031
+ "default": "802.1q",
3032
+ "description": "802.1q or 802.1ad (Q-in-Q)"
3033
+ }
3034
+ }
3035
+ },
3036
+ {
3037
+ "description": "VXLAN interface",
3038
+ "required": [
3039
+ "kind",
3040
+ "vxlan_id"
3041
+ ],
3042
+ "additionalProperties": false,
3043
+ "properties": {
3044
+ "kind": {
3045
+ "const": "vxlan",
3046
+ "description": "link type"
3047
+ },
3048
+ "address": {
3049
+ "$ref": "#/$defs/iface-link_address"
3050
+ },
3051
+ "bind_netns": {
3052
+ "$ref": "#/$defs/iface-link_bind-netns"
3053
+ },
3054
+ "group": {
3055
+ "$ref": "#/$defs/iface-link_group"
3056
+ },
3057
+ "state": {
3058
+ "$ref": "#/$defs/iface-link_state"
3059
+ },
3060
+ "master": {
3061
+ "$ref": "#/$defs/iface-link_master"
3062
+ },
3063
+ "mtu": {
3064
+ "$ref": "#/$defs/iface-link_mtu"
3065
+ },
3066
+ "txqlen": {
3067
+ "$ref": "#/$defs/iface-link_txqlen"
3068
+ },
3069
+ "ifalias": {
3070
+ "$ref": "#/$defs/iface-link_ifalias"
3071
+ },
3072
+ "vxlan_id": {
3073
+ "type": "integer",
3074
+ "minimum": 0,
3075
+ "maximum": 16777215,
3076
+ "description": "specifies the VNI"
3077
+ },
3078
+ "vxlan_ageing": {
3079
+ "type": "integer",
3080
+ "minimum": 0,
3081
+ "maximum": 4294967296,
3082
+ "description": "specifies the lifetime in seconds of FDB entries learnt by the kernel (0: none)",
3083
+ "default": 300
3084
+ },
3085
+ "vxlan_df": {
3086
+ "enum": [
3087
+ 0,
3088
+ "unset",
3089
+ 1,
3090
+ "set",
3091
+ 2,
3092
+ "inherit"
3093
+ ],
3094
+ "default": "unset",
3095
+ "description": "specifies the usage of the DF bit in outgoing packets with IPv4 headers"
3096
+ },
3097
+ "vxlan_label": {
3098
+ "type": "integer",
3099
+ "minimum": 0,
3100
+ "maximum": 1048575,
3101
+ "description": "specifies a fixed flowlabel"
3102
+ },
3103
+ "vxlan_learning": {
3104
+ "type": "integer",
3105
+ "minimum": 0,
3106
+ "maximum": 1,
3107
+ "description": "specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device fdb",
3108
+ "default": 1
3109
+ },
3110
+ "vxlan_limit": {
3111
+ "type": "integer",
3112
+ "minimum": 0,
3113
+ "maximum": 4294967296,
3114
+ "description": "specifies the maximum number of FDB entries (0: none)",
3115
+ "default": 0
3116
+ },
3117
+ "vxlan_port": {
3118
+ "description": "specifies the UDP destination port to communicate to the remote VXLAN tunnel endpoint",
3119
+ "type": "integer",
3120
+ "minimum": 0,
3121
+ "maximum": 65535
3122
+ },
3123
+ "vxlan_port_range": {
3124
+ "description": "specifies the range of port numbers to use as UDP source ports to communicate to the remote VXLAN tunnel endpoint",
3125
+ "required": [
3126
+ "low",
3127
+ "high"
3128
+ ],
3129
+ "additionalProperties": false,
3130
+ "properties": {
3131
+ "low": {
3132
+ "type": "integer",
3133
+ "minimum": 0,
3134
+ "maximum": 65535
3135
+ },
3136
+ "high": {
3137
+ "type": "integer",
3138
+ "minimum": 0,
3139
+ "maximum": 65535
3140
+ }
3141
+ }
3142
+ },
3143
+ "vxlan_proxy": {
3144
+ "type": "integer",
3145
+ "minimum": 0,
3146
+ "maximum": 1,
3147
+ "description": "specifies if ARP proxy is turned on",
3148
+ "default": 0
3149
+ },
3150
+ "vxlan_rsc": {
3151
+ "type": "integer",
3152
+ "minimum": 0,
3153
+ "maximum": 1,
3154
+ "description": "specifies if route short circuit is turned on",
3155
+ "default": 0
3156
+ },
3157
+ "vxlan_l2miss": {
3158
+ "type": "integer",
3159
+ "minimum": 0,
3160
+ "maximum": 1,
3161
+ "description": "specifies if netlink LLADDR miss notifications are generated",
3162
+ "default": 0
3163
+ },
3164
+ "vxlan_l3miss": {
3165
+ "type": "integer",
3166
+ "minimum": 0,
3167
+ "maximum": 1,
3168
+ "description": "specifies if netlink IP ADDR miss notifications are generated",
3169
+ "default": 0
3170
+ },
3171
+ "vxlan_udp_csum": {
3172
+ "type": "integer",
3173
+ "minimum": 0,
3174
+ "maximum": 1,
3175
+ "description": "specifies if UDP checksum is calculated for tx packets over IPv4",
3176
+ "default": 1
3177
+ },
3178
+ "vxlan_link": {
3179
+ "$ref": "#/$defs/iface-link_tun-dev"
3180
+ },
3181
+ "vxlan_local": {
3182
+ "type": "string",
3183
+ "description": "tunnel source IPv4 address",
3184
+ "format": "ipv4"
3185
+ },
3186
+ "vxlan_local6": {
3187
+ "type": "string",
3188
+ "description": "tunnel source IPv6 address",
3189
+ "format": "ipv6"
3190
+ },
3191
+ "vxlan_group": {
3192
+ "type": "string",
3193
+ "description": "remote unicast destination or multicast group IPv4 address",
3194
+ "format": "ipv4"
3195
+ },
3196
+ "vxlan_group6": {
3197
+ "type": "string",
3198
+ "description": "remote unicast destination or multicast group IPv6 address",
3199
+ "format": "ipv6"
3200
+ },
3201
+ "vxlan_tos": {
3202
+ "type": "integer",
3203
+ "description": "specifies the TOS value to use in outgoing packets (0: inherit)",
3204
+ "minimum": 0,
3205
+ "maximum": 255,
3206
+ "default": 0
3207
+ },
3208
+ "vxlan_ttl": {
3209
+ "type": "integer",
3210
+ "description": "specifies the TTL value to use in outgoing packets (0: auto)",
3211
+ "minimum": 0,
3212
+ "maximum": 255,
3213
+ "default": 0
3214
+ },
3215
+ "vxlan_ttl_inherit": {
3216
+ "type": "boolean",
3217
+ "description": "control whether TTL is propagated",
3218
+ "default": false
3219
+ }
3220
+ },
3221
+ "anyOf": [
3222
+ {
3223
+ "oneOf": [
3224
+ {
3225
+ "required": [
3226
+ "vxlan_group"
3227
+ ]
3228
+ },
3229
+ {
3230
+ "required": [
3231
+ "vxlan_local"
3232
+ ]
3233
+ },
3234
+ {
3235
+ "required": [
3236
+ "vxlan_local",
3237
+ "vxlan_group"
3238
+ ]
3239
+ },
3240
+ {
3241
+ "required": [
3242
+ "vxlan_group6"
3243
+ ]
3244
+ },
3245
+ {
3246
+ "required": [
3247
+ "vxlan_local6"
3248
+ ]
3249
+ },
3250
+ {
3251
+ "required": [
3252
+ "vxlan_group6",
3253
+ "vxlan_local6"
3254
+ ]
3255
+ }
3256
+ ]
3257
+ },
3258
+ {
3259
+ "not": {
3260
+ "required": [
3261
+ "vxlan_group",
3262
+ "vxlan_group6",
3263
+ "vxlan_local",
3264
+ "vxlan_local6"
3265
+ ]
3266
+ }
3267
+ }
3268
+ ]
3269
+ },
3270
+ {
3271
+ "description": "IPIP interface",
3272
+ "required": [
3273
+ "kind",
3274
+ "ipip_remote",
3275
+ "ipip_local"
3276
+ ],
3277
+ "additionalProperties": false,
3278
+ "properties": {
3279
+ "kind": {
3280
+ "const": "ipip",
3281
+ "description": "link type"
3282
+ },
3283
+ "address": {
3284
+ "$ref": "#/$defs/iface-link_address"
3285
+ },
3286
+ "bind_netns": {
3287
+ "$ref": "#/$defs/iface-link_bind-netns"
3288
+ },
3289
+ "group": {
3290
+ "$ref": "#/$defs/iface-link_group"
3291
+ },
3292
+ "state": {
3293
+ "$ref": "#/$defs/iface-link_state"
3294
+ },
3295
+ "master": {
3296
+ "$ref": "#/$defs/iface-link_master"
3297
+ },
3298
+ "mtu": {
3299
+ "$ref": "#/$defs/iface-link_mtu"
3300
+ },
3301
+ "txqlen": {
3302
+ "$ref": "#/$defs/iface-link_txqlen"
3303
+ },
3304
+ "ifalias": {
3305
+ "$ref": "#/$defs/iface-link_ifalias"
3306
+ },
3307
+ "ipip_remote": {
3308
+ "$ref": "#/$defs/iface-link_tun-remote4"
3309
+ },
3310
+ "ipip_local": {
3311
+ "$ref": "#/$defs/iface-link_tun-local4"
3312
+ }
3313
+ }
3314
+ },
3315
+ {
3316
+ "description": "SIT interface",
3317
+ "required": [
3318
+ "kind",
3319
+ "sit_remote",
3320
+ "sit_local"
3321
+ ],
3322
+ "additionalProperties": false,
3323
+ "properties": {
3324
+ "kind": {
3325
+ "const": "sit",
3326
+ "description": "link type"
3327
+ },
3328
+ "address": {
3329
+ "$ref": "#/$defs/iface-link_address"
3330
+ },
3331
+ "bind_netns": {
3332
+ "$ref": "#/$defs/iface-link_bind-netns"
3333
+ },
3334
+ "group": {
3335
+ "$ref": "#/$defs/iface-link_group"
3336
+ },
3337
+ "state": {
3338
+ "$ref": "#/$defs/iface-link_state"
3339
+ },
3340
+ "master": {
3341
+ "$ref": "#/$defs/iface-link_master"
3342
+ },
3343
+ "mtu": {
3344
+ "$ref": "#/$defs/iface-link_mtu"
3345
+ },
3346
+ "txqlen": {
3347
+ "$ref": "#/$defs/iface-link_txqlen"
3348
+ },
3349
+ "ifalias": {
3350
+ "$ref": "#/$defs/iface-link_ifalias"
3351
+ },
3352
+ "sit_remote": {
3353
+ "$ref": "#/$defs/iface-link_tun-remote4"
3354
+ },
3355
+ "sit_local": {
3356
+ "$ref": "#/$defs/iface-link_tun-local4"
3357
+ }
3358
+ }
3359
+ },
3360
+ {
3361
+ "description": "GRE, GRETAP interface",
3362
+ "required": [
3363
+ "kind",
3364
+ "gre_remote",
3365
+ "gre_local"
3366
+ ],
3367
+ "additionalProperties": false,
3368
+ "properties": {
3369
+ "kind": {
3370
+ "type": "string",
3371
+ "description": "link type",
3372
+ "enum": [
3373
+ "gre",
3374
+ "gretap"
3375
+ ]
3376
+ },
3377
+ "address": {
3378
+ "$ref": "#/$defs/iface-link_address"
3379
+ },
3380
+ "bind_netns": {
3381
+ "$ref": "#/$defs/iface-link_bind-netns"
3382
+ },
3383
+ "group": {
3384
+ "$ref": "#/$defs/iface-link_group"
3385
+ },
3386
+ "state": {
3387
+ "$ref": "#/$defs/iface-link_state"
3388
+ },
3389
+ "master": {
3390
+ "$ref": "#/$defs/iface-link_master"
3391
+ },
3392
+ "mtu": {
3393
+ "$ref": "#/$defs/iface-link_mtu"
3394
+ },
3395
+ "txqlen": {
3396
+ "$ref": "#/$defs/iface-link_txqlen"
3397
+ },
3398
+ "ifalias": {
3399
+ "$ref": "#/$defs/iface-link_ifalias"
3400
+ },
3401
+ "gre_remote": {
3402
+ "$ref": "#/$defs/iface-link_tun-remote4"
3403
+ },
3404
+ "gre_local": {
3405
+ "$ref": "#/$defs/iface-link_tun-local4"
3406
+ },
3407
+ "gre_link": {
3408
+ "$ref": "#/$defs/iface-link_tun-dev"
3409
+ }
3410
+ }
3411
+ },
3412
+ {
3413
+ "description": "IP6GRE, IP6GRETAP interface",
3414
+ "required": [
3415
+ "kind",
3416
+ "ip6gre_remote",
3417
+ "ip6gre_local"
3418
+ ],
3419
+ "additionalProperties": false,
3420
+ "properties": {
3421
+ "kind": {
3422
+ "type": "string",
3423
+ "description": "link type",
3424
+ "enum": [
3425
+ "ip6gre",
3426
+ "ip6gretap"
3427
+ ]
3428
+ },
3429
+ "address": {
3430
+ "$ref": "#/$defs/iface-link_address"
3431
+ },
3432
+ "bind_netns": {
3433
+ "$ref": "#/$defs/iface-link_bind-netns"
3434
+ },
3435
+ "group": {
3436
+ "$ref": "#/$defs/iface-link_group"
3437
+ },
3438
+ "state": {
3439
+ "$ref": "#/$defs/iface-link_state"
3440
+ },
3441
+ "master": {
3442
+ "$ref": "#/$defs/iface-link_master"
3443
+ },
3444
+ "mtu": {
3445
+ "$ref": "#/$defs/iface-link_mtu"
3446
+ },
3447
+ "txqlen": {
3448
+ "$ref": "#/$defs/iface-link_txqlen"
3449
+ },
3450
+ "ifalias": {
3451
+ "$ref": "#/$defs/iface-link_ifalias"
3452
+ },
3453
+ "ip6gre_remote": {
3454
+ "$ref": "#/$defs/iface-link_tun-remote6"
3455
+ },
3456
+ "ip6gre_local": {
3457
+ "$ref": "#/$defs/iface-link_tun-local6"
3458
+ },
3459
+ "ip6gre_link": {
3460
+ "$ref": "#/$defs/iface-link_tun-dev"
3461
+ }
3462
+ }
3463
+ },
3464
+ {
3465
+ "description": "GENEVE interface over IPv4",
3466
+ "additionalProperties": false,
3467
+ "required": [
3468
+ "kind",
3469
+ "geneve_id",
3470
+ "geneve_remote"
3471
+ ],
3472
+ "properties": {
3473
+ "kind": {
3474
+ "const": "geneve",
3475
+ "description": "link type"
3476
+ },
3477
+ "address": {
3478
+ "$ref": "#/$defs/iface-link_address"
3479
+ },
3480
+ "bind_netns": {
3481
+ "$ref": "#/$defs/iface-link_bind-netns"
3482
+ },
3483
+ "group": {
3484
+ "$ref": "#/$defs/iface-link_group"
3485
+ },
3486
+ "state": {
3487
+ "$ref": "#/$defs/iface-link_state"
3488
+ },
3489
+ "master": {
3490
+ "$ref": "#/$defs/iface-link_master"
3491
+ },
3492
+ "mtu": {
3493
+ "$ref": "#/$defs/iface-link_mtu"
3494
+ },
3495
+ "txqlen": {
3496
+ "$ref": "#/$defs/iface-link_txqlen"
3497
+ },
3498
+ "ifalias": {
3499
+ "$ref": "#/$defs/iface-link_ifalias"
3500
+ },
3501
+ "geneve_id": {
3502
+ "type": [
3503
+ "integer"
3504
+ ],
3505
+ "minimum": 0,
3506
+ "maximum": 16777215,
3507
+ "description": "specifies the VNI to use"
3508
+ },
3509
+ "geneve_remote": {
3510
+ "$ref": "#/$defs/iface-link_tun-remote4"
3511
+ }
3512
+ }
3513
+ },
3514
+ {
3515
+ "description": "GENEVE interface over IPv6",
3516
+ "additionalProperties": false,
3517
+ "required": [
3518
+ "kind",
3519
+ "geneve_id",
3520
+ "geneve_remote6"
3521
+ ],
3522
+ "properties": {
3523
+ "kind": {
3524
+ "const": "geneve",
3525
+ "description": "link type"
3526
+ },
3527
+ "address": {
3528
+ "$ref": "#/$defs/iface-link_address"
3529
+ },
3530
+ "bind_netns": {
3531
+ "$ref": "#/$defs/iface-link_bind-netns"
3532
+ },
3533
+ "group": {
3534
+ "$ref": "#/$defs/iface-link_group"
3535
+ },
3536
+ "state": {
3537
+ "$ref": "#/$defs/iface-link_state"
3538
+ },
3539
+ "master": {
3540
+ "$ref": "#/$defs/iface-link_master"
3541
+ },
3542
+ "mtu": {
3543
+ "$ref": "#/$defs/iface-link_mtu"
3544
+ },
3545
+ "txqlen": {
3546
+ "$ref": "#/$defs/iface-link_txqlen"
3547
+ },
3548
+ "ifalias": {
3549
+ "$ref": "#/$defs/iface-link_ifalias"
3550
+ },
3551
+ "geneve_id": {
3552
+ "type": [
3553
+ "integer"
3554
+ ],
3555
+ "minimum": 0,
3556
+ "maximum": 16777215,
3557
+ "description": "specifies the VNI to use"
3558
+ },
3559
+ "geneve_remote6": {
3560
+ "$ref": "#/$defs/iface-link_tun-remote6"
3561
+ }
3562
+ }
3563
+ },
3564
+ {
3565
+ "description": "WireGuard interface; WireGuard settings can be configured using a `wireguard` block",
3566
+ "required": [
3567
+ "kind"
3568
+ ],
3569
+ "additionalProperties": false,
3570
+ "properties": {
3571
+ "kind": {
3572
+ "const": "wireguard",
3573
+ "description": "link type"
3574
+ },
3575
+ "address": {
3576
+ "$ref": "#/$defs/iface-link_address"
3577
+ },
3578
+ "bind_netns": {
3579
+ "$ref": "#/$defs/iface-link_bind-netns"
3580
+ },
3581
+ "group": {
3582
+ "$ref": "#/$defs/iface-link_group"
3583
+ },
3584
+ "state": {
3585
+ "$ref": "#/$defs/iface-link_state"
3586
+ },
3587
+ "master": {
3588
+ "$ref": "#/$defs/iface-link_master"
3589
+ },
3590
+ "mtu": {
3591
+ "$ref": "#/$defs/iface-link_mtu"
3592
+ },
3593
+ "txqlen": {
3594
+ "$ref": "#/$defs/iface-link_txqlen"
3595
+ },
3596
+ "ifalias": {
3597
+ "$ref": "#/$defs/iface-link_ifalias"
3598
+ }
3599
+ }
3600
+ },
3601
+ {
3602
+ "description": "XFRM interface",
3603
+ "required": [
3604
+ "kind",
3605
+ "xfrm_if_id"
3606
+ ],
3607
+ "additionalProperties": false,
3608
+ "properties": {
3609
+ "kind": {
3610
+ "const": "xfrm",
3611
+ "description": "link type"
3612
+ },
3613
+ "address": {
3614
+ "$ref": "#/$defs/iface-link_address"
3615
+ },
3616
+ "bind_netns": {
3617
+ "$ref": "#/$defs/iface-link_bind-netns"
3618
+ },
3619
+ "group": {
3620
+ "$ref": "#/$defs/iface-link_group"
3621
+ },
3622
+ "state": {
3623
+ "$ref": "#/$defs/iface-link_state"
3624
+ },
3625
+ "master": {
3626
+ "$ref": "#/$defs/iface-link_master"
3627
+ },
3628
+ "mtu": {
3629
+ "$ref": "#/$defs/iface-link_mtu"
3630
+ },
3631
+ "txqlen": {
3632
+ "$ref": "#/$defs/iface-link_txqlen"
3633
+ },
3634
+ "ifalias": {
3635
+ "$ref": "#/$defs/iface-link_ifalias"
3636
+ },
3637
+ "xfrm_link": {
3638
+ "$ref": "#/$defs/iface-link_tun-dev",
3639
+ "description": "underlying interface used to send and receive the transformed traffic"
3640
+ },
3641
+ "xfrm_if_id": {
3642
+ "type": [
3643
+ "integer"
3644
+ ],
3645
+ "minimum": 0,
3646
+ "maximum": 4294967295,
3647
+ "default": 0,
3648
+ "description": "lookup key to match xfrm policies"
3649
+ }
3650
+ }
3651
+ }
3652
+ ]
3653
+ },
3654
+ "neighbours": {
3655
+ "description": "static ARP or NDISC cache entries",
3656
+ "type": "array",
3657
+ "items": {
3658
+ "type": "object",
3659
+ "required": [
3660
+ "dst"
3661
+ ],
3662
+ "additionalProperties": false,
3663
+ "properties": {
3664
+ "dst": {
3665
+ "description": "protocol address of the neighbour",
3666
+ "type": "string",
3667
+ "format": "ipv4"
3668
+ },
3669
+ "lladdr": {
3670
+ "description": "link layer address of the neighbour",
3671
+ "$ref": "#/$defs/iface-link_address",
3672
+ "default": null
3673
+ }
3674
+ }
3675
+ }
3676
+ },
3677
+ "sysctl": {
3678
+ "description": "interface sysctl settings",
3679
+ "type": "object",
3680
+ "additionalProperties": false,
3681
+ "properties": {
3682
+ "ipv4": {
3683
+ "$ref": "#/$defs/iface-sysctl-ipv4"
3684
+ },
3685
+ "ipv6": {
3686
+ "$ref": "#/$defs/iface-sysctl-ipv6"
3687
+ },
3688
+ "mpls": {
3689
+ "$ref": "#/$defs/iface-sysctl-mpls-link"
3690
+ }
3691
+ }
3692
+ },
3693
+ "ethtool": {
3694
+ "$ref": "#/$defs/iface-ethtool"
3695
+ },
3696
+ "cshaper": {
3697
+ "description": "simple shaper setup based on the [cake](https://man7.org/linux/man-pages/man8/tc-cake.8.html) queue discipline; replaces any tc settings",
3698
+ "type": "object",
3699
+ "additionalProperties": false,
3700
+ "properties": {
3701
+ "ingress": {
3702
+ "description": "target ingress bandwidth",
3703
+ "type": "string",
3704
+ "default": "unlimited"
3705
+ },
3706
+ "egress": {
3707
+ "description": "target egress bandwidth",
3708
+ "type": "string",
3709
+ "default": "unlimited"
3710
+ },
3711
+ "profile": {
3712
+ "description": "cshaper profile",
3713
+ "type": "string",
3714
+ "default": "default"
3715
+ }
3716
+ }
3717
+ },
3718
+ "tc": {
3719
+ "description": "settings for traffic control",
3720
+ "type": "object",
3721
+ "additionalProperties": false,
3722
+ "properties": {
3723
+ "ingress": {
3724
+ "description": "enable the ingress qdisc for policing and shaping in ingress",
3725
+ "type": "boolean"
3726
+ },
3727
+ "qdisc": {
3728
+ "description": "root queueing disciplines",
3729
+ "$ref": "#/$defs/iface-tc_qdisc"
3730
+ },
3731
+ "filter": {
3732
+ "description": "filter used by qdiscs",
3733
+ "type": "array",
3734
+ "items": {
3735
+ "type": "object",
3736
+ "required": [
3737
+ "kind"
3738
+ ],
3739
+ "properties": {
3740
+ "kind": {
3741
+ "type": "string",
3742
+ "description": "filter type",
3743
+ "enum": [
3744
+ "basic",
3745
+ "flow",
3746
+ "fw",
3747
+ "matchall"
3748
+ ]
3749
+ }
3750
+ },
3751
+ "oneOf": [
3752
+ {
3753
+ "description": "[basic](https://man7.org/linux/man-pages/man8/tc-basic.8.html) - basic traffic control filter",
3754
+ "additionalProperties": false,
3755
+ "properties": {
3756
+ "kind": {
3757
+ "type": "string",
3758
+ "enum": [
3759
+ "basic"
3760
+ ]
3761
+ },
3762
+ "protocol": {
3763
+ "$ref": "#/$defs/iface-tc_protocol"
3764
+ },
3765
+ "prio": {
3766
+ "$ref": "#/$defs/iface-tc_prio"
3767
+ },
3768
+ "action": {
3769
+ "$ref": "#/$defs/iface-tc_action"
3770
+ },
3771
+ "match": {
3772
+ "description": "match packets using the [extended match infrastructure](https://man7.org/linux/man-pages/man8/tc-ematch.8.html)",
3773
+ "type": "object"
3774
+ }
3775
+ }
3776
+ },
3777
+ {
3778
+ "description": "[flow](https://man7.org/linux/man-pages/man8/tc-flow.8.html) - flow based traffic control filter",
3779
+ "properties": {
3780
+ "kind": {
3781
+ "type": "string",
3782
+ "enum": [
3783
+ "flow"
3784
+ ]
3785
+ },
3786
+ "protocol": {
3787
+ "$ref": "#/$defs/iface-tc_protocol"
3788
+ },
3789
+ "prio": {
3790
+ "$ref": "#/$defs/iface-tc_prio"
3791
+ },
3792
+ "action": {
3793
+ "$ref": "#/$defs/iface-tc_action"
3794
+ },
3795
+ "baseclass": {
3796
+ "description": "offset for the class ID calculation",
3797
+ "type": "integer",
3798
+ "minimum": 0,
3799
+ "maximum": 65535,
3800
+ "default": 1
3801
+ },
3802
+ "divisor": {
3803
+ "type": "integer",
3804
+ "minimum": 0,
3805
+ "maximum": 4294967295
3806
+ },
3807
+ "or": {
3808
+ "type": "integer",
3809
+ "minimum": 0,
3810
+ "maximum": 4294967295
3811
+ },
3812
+ "and": {
3813
+ "type": "integer",
3814
+ "minimum": 0,
3815
+ "maximum": 4294967295
3816
+ },
3817
+ "xor": {
3818
+ "type": "integer",
3819
+ "minimum": 0,
3820
+ "maximum": 4294967295
3821
+ },
3822
+ "rshift": {
3823
+ "type": "integer",
3824
+ "minimum": 0,
3825
+ "maximum": 4294967295
3826
+ },
3827
+ "addend": {
3828
+ "type": "integer",
3829
+ "minimum": 0,
3830
+ "maximum": 4294967295
3831
+ }
3832
+ },
3833
+ "oneOf": [
3834
+ {
3835
+ "required": [
3836
+ "kind",
3837
+ "mode",
3838
+ "key"
3839
+ ],
3840
+ "properties": {
3841
+ "mode": {
3842
+ "description": "filter mode",
3843
+ "type": "string",
3844
+ "enum": [
3845
+ "map"
3846
+ ]
3847
+ },
3848
+ "key": {
3849
+ "description": "map to class ID by key",
3850
+ "type": "string",
3851
+ "enum": [
3852
+ "src",
3853
+ "dst",
3854
+ "proto",
3855
+ "proto-src",
3856
+ "proto-dst",
3857
+ "iif",
3858
+ "priority",
3859
+ "mark",
3860
+ "nfct",
3861
+ "nfct-src",
3862
+ "nfct-dst",
3863
+ "nfct-proto-src",
3864
+ "nfct-proto-dst",
3865
+ "rt-classid",
3866
+ "sk-uid",
3867
+ "sk-gid",
3868
+ "vlan-tag",
3869
+ "rxhash"
3870
+ ]
3871
+ }
3872
+ }
3873
+ },
3874
+ {
3875
+ "required": [
3876
+ "kind",
3877
+ "mode",
3878
+ "keys"
3879
+ ],
3880
+ "properties": {
3881
+ "mode": {
3882
+ "description": "filter mode",
3883
+ "type": "string",
3884
+ "enum": [
3885
+ "hash"
3886
+ ]
3887
+ },
3888
+ "keys": {
3889
+ "description": "hash over keys for class ID calculation",
3890
+ "type": "array",
3891
+ "items": {
3892
+ "type": "string",
3893
+ "enum": [
3894
+ "src",
3895
+ "dst",
3896
+ "proto",
3897
+ "proto-src",
3898
+ "proto-dst",
3899
+ "iif",
3900
+ "priority",
3901
+ "mark",
3902
+ "nfct",
3903
+ "nfct-src",
3904
+ "nfct-dst",
3905
+ "nfct-proto-src",
3906
+ "nfct-proto-dst",
3907
+ "rt-classid",
3908
+ "sk-uid",
3909
+ "sk-gid",
3910
+ "vlan-tag",
3911
+ "rxhash"
3912
+ ]
3913
+ }
3914
+ },
3915
+ "perturb": {
3916
+ "description": "rehashing interval (in seconds)",
3917
+ "type": "integer",
3918
+ "minimum": 0,
3919
+ "maximum": 294967295
3920
+ }
3921
+ }
3922
+ }
3923
+ ]
3924
+ },
3925
+ {
3926
+ "description": "[fw](https://man7.org/linux/man-pages/man8/tc-fw.8.html) - fwmark traffic control filter",
3927
+ "additionalProperties": false,
3928
+ "required": [
3929
+ "kind",
3930
+ "handle"
3931
+ ],
3932
+ "properties": {
3933
+ "kind": {
3934
+ "type": "string",
3935
+ "enum": [
3936
+ "fw"
3937
+ ]
3938
+ },
3939
+ "protocol": {
3940
+ "$ref": "#/$defs/iface-tc_protocol"
3941
+ },
3942
+ "prio": {
3943
+ "$ref": "#/$defs/iface-tc_prio"
3944
+ },
3945
+ "action": {
3946
+ "$ref": "#/$defs/iface-tc_action"
3947
+ },
3948
+ "handle": {
3949
+ "description": "fwmark (iptables) to match",
3950
+ "type": "integer",
3951
+ "minimum": 0
3952
+ }
3953
+ }
3954
+ },
3955
+ {
3956
+ "description": "[matchall](https://man7.org/linux/man-pages/man8/tc-matchall.8.html) - traffic control filter that matches every packet",
3957
+ "additionalProperties": false,
3958
+ "properties": {
3959
+ "kind": {
3960
+ "type": "string",
3961
+ "enum": [
3962
+ "matchall"
3963
+ ]
3964
+ },
3965
+ "parent": {
3966
+ "$ref": "#/$defs/iface-tc_qid"
3967
+ },
3968
+ "protocol": {
3969
+ "$ref": "#/$defs/iface-tc_protocol"
3970
+ },
3971
+ "prio": {
3972
+ "$ref": "#/$defs/iface-tc_prio"
3973
+ },
3974
+ "action": {
3975
+ "$ref": "#/$defs/iface-tc_action"
3976
+ },
3977
+ "classid": {
3978
+ "description": "push matching packets into class",
3979
+ "type": "integer",
3980
+ "minimum": 0,
3981
+ "maximum": 4294967295
3982
+ },
3983
+ "flags": {
3984
+ "description": "process flags (1: SKIP_HW, 2: SKIP_SW)",
3985
+ "type": "integer",
3986
+ "minimum": 0,
3987
+ "maximum": 4294967295
3988
+ }
3989
+ }
3990
+ }
3991
+ ]
3992
+ }
3993
+ }
3994
+ }
3995
+ },
3996
+ "wireguard": {
3997
+ "description": "settings for WireGuard interfaces",
3998
+ "type": "object",
3999
+ "additionalProperties": false,
4000
+ "required": [
4001
+ "private_key"
4002
+ ],
4003
+ "properties": {
4004
+ "private_key": {
4005
+ "description": "local private key (consider to use the `!include` tag to read the key from file)",
4006
+ "type": "string"
4007
+ },
4008
+ "listen_port": {
4009
+ "description": "port for listening",
4010
+ "type": "integer",
4011
+ "minimum": 0,
4012
+ "maximum": 65535
4013
+ },
4014
+ "fwmark": {
4015
+ "description": "fwmark for outgoing packets",
4016
+ "type": "integer",
4017
+ "minimum": 0,
4018
+ "maximum": 4294967295
4019
+ },
4020
+ "peers": {
4021
+ "description": "dictonary with peers: the keys of the dictionary are the public keys of the peers (base64 encoded)",
4022
+ "type": "object",
4023
+ "additionalProperties": false,
4024
+ "patternProperties": {
4025
+ "^[-A-Za-z0-9+/]{43}=$": {
4026
+ "type": "object",
4027
+ "additionalProperties": false,
4028
+ "properties": {
4029
+ "preshared_key": {
4030
+ "description": "preshared key for post-quantum resistance (consider to use the `!include` tag to read the key from file)",
4031
+ "type": "string"
4032
+ },
4033
+ "endpoint": {
4034
+ "description": "initial endpoint IP or hostname",
4035
+ "type": "string"
4036
+ },
4037
+ "persistent_keepalive_interval": {
4038
+ "description": "keepalive interval seconds",
4039
+ "type": "integer",
4040
+ "minimum": 0,
4041
+ "maximum": 65535
4042
+ },
4043
+ "allowedips": {
4044
+ "description": "list of prefixes in CIDR notation",
4045
+ "type": "array",
4046
+ "items": {
4047
+ "type": "string"
4048
+ }
4049
+ }
4050
+ }
4051
+ }
4052
+ }
4053
+ }
4054
+ }
4055
+ },
4056
+ "xdp": {
4057
+ "description": "settings for XDP (\"eXpress Data Path\") BPF program",
4058
+ "oneOf": [
4059
+ {
4060
+ "description": "remove attached XDP program",
4061
+ "type": "boolean",
4062
+ "enum": [
4063
+ false
4064
+ ]
4065
+ },
4066
+ {
4067
+ "description": "attach already pinned XDP program",
4068
+ "type": "object",
4069
+ "additionalProperties": false,
4070
+ "required": [
4071
+ "pinned"
4072
+ ],
4073
+ "properties": {
4074
+ "mode": {
4075
+ "$ref": "#/$defs/xdp_mode"
4076
+ },
4077
+ "pinned": {
4078
+ "description": "path to already pinned XDP program",
4079
+ "type": "string",
4080
+ "format": "^/sys/fs/bfd/."
4081
+ }
4082
+ }
4083
+ },
4084
+ {
4085
+ "description": "BPF program from ifstate's bpf config section",
4086
+ "type": "object",
4087
+ "additionalProperties": false,
4088
+ "required": [
4089
+ "bpf"
4090
+ ],
4091
+ "properties": {
4092
+ "mode": {
4093
+ "$ref": "#/$defs/xdp_mode"
4094
+ },
4095
+ "bpf": {
4096
+ "description": "BPF program (key in bpf config section)",
4097
+ "type": "string"
4098
+ }
4099
+ }
4100
+ }
4101
+ ]
4102
+ }
4103
+ }
4104
+ }
4105
+ }
4106
+ },
4107
+ "routing": {
4108
+ "type": "object",
4109
+ "additionalProperties": false,
4110
+ "properties": {
4111
+ "routes": {
4112
+ "type": "array",
4113
+ "items": {
4114
+ "type": "object",
4115
+ "required": [
4116
+ "to"
4117
+ ],
4118
+ "additionalProperties": false,
4119
+ "properties": {
4120
+ "type": {
4121
+ "description": "the type of this route",
4122
+ "type": [
4123
+ "integer",
4124
+ "string"
4125
+ ],
4126
+ "enum": [
4127
+ "unicast",
4128
+ "local",
4129
+ "broadcast",
4130
+ "anycast",
4131
+ "multicast",
4132
+ "blackhole",
4133
+ "unreachable",
4134
+ "prohibit",
4135
+ "throw",
4136
+ "nat",
4137
+ "xresolve"
4138
+ ],
4139
+ "minimum": 1,
4140
+ "maximum": 11,
4141
+ "default": "unicast"
4142
+ },
4143
+ "dev": {
4144
+ "description": "the output device name",
4145
+ "type": [
4146
+ "integer",
4147
+ "string"
4148
+ ]
4149
+ },
4150
+ "proto": {
4151
+ "description": "the routing protool identifier of this route",
4152
+ "type": [
4153
+ "integer",
4154
+ "string"
4155
+ ],
4156
+ "default": "boot"
4157
+ },
4158
+ "realm": {
4159
+ "description": "the realm to which this route is assigned",
4160
+ "type": [
4161
+ "integer",
4162
+ "string"
4163
+ ]
4164
+ },
4165
+ "scope": {
4166
+ "description": "the scope of the destinations covered by the route prefix",
4167
+ "type": [
4168
+ "integer",
4169
+ "string"
4170
+ ]
4171
+ },
4172
+ "table": {
4173
+ "description": "the table to add this route to",
4174
+ "type": [
4175
+ "integer",
4176
+ "string"
4177
+ ],
4178
+ "default": "main"
4179
+ },
4180
+ "to": {
4181
+ "description": "the destination prefix of the route",
4182
+ "type": "string"
4183
+ },
4184
+ "via": {
4185
+ "description": "address of the nexthop router",
4186
+ "type": "string",
4187
+ "oneOf": [
4188
+ {
4189
+ "format": "ipv4"
4190
+ },
4191
+ {
4192
+ "format": "ipv6"
4193
+ }
4194
+ ]
4195
+ },
4196
+ "vrrp": {
4197
+ "$ref": "#/$defs/condition-vrrp"
4198
+ },
4199
+ "src": {
4200
+ "description": "the source address to prefer",
4201
+ "type": "string",
4202
+ "oneOf": [
4203
+ {
4204
+ "format": "ipv4"
4205
+ },
4206
+ {
4207
+ "format": "ipv6"
4208
+ }
4209
+ ]
4210
+ },
4211
+ "preference": {
4212
+ "description": "preference of the route",
4213
+ "type": "integer",
4214
+ "minimum": 0,
4215
+ "maximum": 4294967295,
4216
+ "default": 0
4217
+ }
4218
+ }
4219
+ }
4220
+ },
4221
+ "rules": {
4222
+ "type": "array",
4223
+ "items": {
4224
+ "type": "object",
4225
+ "if": {
4226
+ "properties": {
4227
+ "action": {
4228
+ "const": "to_tbl"
4229
+ }
4230
+ }
4231
+ },
4232
+ "then": {
4233
+ "required": [
4234
+ "table",
4235
+ "priority"
4236
+ ]
4237
+ },
4238
+ "else": {
4239
+ "required": [
4240
+ "priority"
4241
+ ]
4242
+ },
4243
+ "additionalProperties": false,
4244
+ "properties": {
4245
+ "action": {
4246
+ "type": [
4247
+ "integer",
4248
+ "string"
4249
+ ],
4250
+ "description": "the type of this rule",
4251
+ "enum": [
4252
+ "to_tbl",
4253
+ "blackhole",
4254
+ "unreachable",
4255
+ "prohibit"
4256
+ ],
4257
+ "default": "to_tbl"
4258
+ },
4259
+ "table": {
4260
+ "type": [
4261
+ "integer",
4262
+ "string"
4263
+ ],
4264
+ "minimum": 0,
4265
+ "maximum": 255
4266
+ },
4267
+ "priority": {
4268
+ "type": "integer",
4269
+ "description": "the priority of this rule",
4270
+ "minimum": 0,
4271
+ "maximum": 4294967295
4272
+ },
4273
+ "from": {
4274
+ "type": "string",
4275
+ "description": "select the source prefix to match"
4276
+ },
4277
+ "to": {
4278
+ "type": "string",
4279
+ "description": "select the destination prefix to match"
4280
+ },
4281
+ "iif": {
4282
+ "type": "string",
4283
+ "description": "select the incoming device to match"
4284
+ },
4285
+ "oif": {
4286
+ "type": "string",
4287
+ "description": "select the outgoing device to match"
4288
+ },
4289
+ "proto": {
4290
+ "type": [
4291
+ "integer",
4292
+ "string"
4293
+ ],
4294
+ "default": "unspec",
4295
+ "description": "routing protocol number (`/etc/iproute2/rt_protos`)"
4296
+ },
4297
+ "fwmark": {
4298
+ "type": "integer",
4299
+ "description": "select the *fwmark* value to match"
4300
+ },
4301
+ "ipproto": {
4302
+ "type": [
4303
+ "integer",
4304
+ "string"
4305
+ ],
4306
+ "description": "select the ip protocol to match"
4307
+ },
4308
+ "vrrp": {
4309
+ "$ref": "#/$defs/condition-vrrp"
4310
+ },
4311
+ "family": {
4312
+ "type": [
4313
+ "integer",
4314
+ "string"
4315
+ ],
4316
+ "enum": [
4317
+ "AF_INET",
4318
+ "AF_INET6",
4319
+ "inet",
4320
+ "inet6",
4321
+ 2,
4322
+ 10
4323
+ ],
4324
+ "description": "IP family (IPv4 or IPv6) to add the rule to. One of `AF_INET`, `inet`, `2` for IPv4 or `AF_INET6`, `inet6`, `10` for IPv6. Leave undefined to let ifstate and pyroute2 automatically detect it from the 'to' and 'from' addresses, defaulting to IPv4."
4325
+ }
4326
+ }
4327
+ }
4328
+ }
4329
+ }
4330
+ },
4331
+ "sysctl": {
4332
+ "description": "network sysctl settings",
4333
+ "type": "object",
4334
+ "additionalProperties": false,
4335
+ "properties": {
4336
+ "all": {
4337
+ "description": "overrides [per interface sysctl settings](https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt) in `/proc/sys/net/ipv*/conf/all/`",
4338
+ "type": "object",
4339
+ "additionalProperties": false,
4340
+ "properties": {
4341
+ "ipv4": {
4342
+ "$ref": "#/$defs/iface-sysctl-ipv4"
4343
+ },
4344
+ "ipv6": {
4345
+ "$ref": "#/$defs/iface-sysctl-ipv6"
4346
+ }
4347
+ }
4348
+ },
4349
+ "default": {
4350
+ "description": "default [per interface sysctl settings](https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt) in `/proc/sys/net/ipv*/conf/default/`",
4351
+ "type": "object",
4352
+ "additionalProperties": false,
4353
+ "properties": {
4354
+ "ipv4": {
4355
+ "$ref": "#/$defs/iface-sysctl-ipv4"
4356
+ },
4357
+ "ipv6": {
4358
+ "$ref": "#/$defs/iface-sysctl-ipv6"
4359
+ }
4360
+ }
4361
+ },
4362
+ "mpls": {
4363
+ "$ref": "#/$defs/iface-sysctl-mpls"
4364
+ },
4365
+ "mptcp": {
4366
+ "$ref": "#/$defs/iface-sysctl-mptcp"
4367
+ }
4368
+ }
4369
+ },
4370
+ "namespaces": {
4371
+ "type": "object",
4372
+ "additionalProperties": false,
4373
+ "patternProperties": {
4374
+ ".+": {
4375
+ "type": "object",
4376
+ "additionalProperties": false,
4377
+ "required": [
4378
+ "interfaces"
4379
+ ],
4380
+ "properties": {
4381
+ "bpf": {
4382
+ "$ref": "#/properties/bpf"
4383
+ },
4384
+ "interfaces": {
4385
+ "$ref": "#/properties/interfaces"
4386
+ },
4387
+ "routing": {
4388
+ "$ref": "#/properties/routing"
4389
+ },
4390
+ "sysctl": {
4391
+ "$ref": "#/properties/sysctl"
4392
+ }
4393
+ }
4394
+ }
4395
+ }
4396
+ }
4397
+ }
4398
+ }